agentic-workflow
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly lists an MCP server "Firecrawl" as "웹 크롤링 | 데이터 수집" ("web crawling | data collection") in section 5 (MCP 서버 활용, "MCP server usage"), which indicates the agent fetches and processes public web content (untrusted/user-generated) as part of its workflow and could therefore be influenced by instructions in that third-party content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The Dockerfile includes a runtime install step that runs "curl -fsSL https://claude.ai/install.sh | sh", which fetches and immediately executes remote code (making that external content a required dependency for the recommended container setup).
Audit Metadata