@1390/woofi-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill makes live requests to the public WOOFi API (e.g., https://api.woofi.com endpoints and explicitly https://api.woofi.com/llms.txt) and the agent is expected to read/interpret those external responses as part of its workflow, so untrusted third‑party content (including the llms.txt file) could inject instructions that change agent behavior.