@1247/squad-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The listener explicitly polls and ingests user-generated @mentions from the Squad API (GET /members/{id}/mentions as shown in SKILL.md and scripts/listener.py) and parses that content to drive responses and tool use, so untrusted third-party messages could inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The listener polls the runtime API endpoint https://community.iamstarchild.com/1247-squad-protocol/api/v1/members/{id}/mentions and uses the fetched mention content to parse and drive agent actions (the script explicitly notes it will "parse the mention content" and feed it to LLM/tools), so this external URL is contacted at runtime and can directly control prompts/instructions and is required for operation.