db-core

Warn

Audited by Snyk on Apr 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill’s required workflows show the agent ingesting and acting on remote, potentially untrusted content — e.g., collection-setup/references/electric-adapter.md (shapeOptions.url proxy and collection.utils.awaitMatch which inspects Electric stream messages) and db-core/custom-adapter/SKILL.md (sync implementations that fetch(config.endpoint) and myWebSocket.subscribe to process external events) — and those incoming messages are parsed/matched and used to control sync/mutation decisions.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 11, 2026, 07:16 PM
Issues: 1