case-study-writing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs running web-search apps via the inference.sh CLI (e.g., "infsh app run tavily/search-assistant" in Quick Start and "infsh app run exa/search" / "infsh app run exa/answer" in Research Support) to fetch industry benchmarks and competitor content from the open web, which the agent is expected to read and use to shape the case study output, exposing it to untrusted third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires the inference.sh CLI (https://inference.sh) and uses commands like "infsh app run infsh/python-executor" at runtime, which fetches remote apps and executes code remotely (thus controlling agent execution), so this is a runtime external-execution dependency.