multi-model

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill sends prompts to external models specified by ARENA_MODELS and ARENA_PROVIDER_*_BASE_URL (e.g., public OpenAI/Ollama endpoints) and ingests their generated outputs as candidate answers and critiques in the multi-model loop, which exposes the agent to untrusted third-party content.