omniCell

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The nuShell skill explicitly allows executing arbitrary terminal commands ("Universal shell tool
• use for ANY terminal command" in SKILL.md) and even lists network-capable tools like "git" and "npm", meaning the agent can fetch and ingest untrusted public third-party content and will read/interpret those command outputs as part of its workflow.