skale-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Skill explicitly instructs the agent to fetch and read public SKALE documentation from https://docs.skale.space (e.g., llms.txt, llms-full.txt, and various .md pages) via webReader/curl, which are open public webpages and thus expose the agent to untrusted third‑party content that could carry indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches external documentation at runtime (e.g. https://docs.skale.space/llms.txt) via webReader/mcp_web_reader and injects that content into the agent context, meaning the remotely fetched text can directly control prompts/responses.