cat-fact

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and displays random content from the public API catfact.ninja (see SKILL.md curl examples and API endpoints), exposing the agent to untrusted third‑party text that it ingests and uses in its workflow and which could in principle influence subsequent responses.