tracekit-code-monitoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill documentation explicitly says SDKs fetch breakpoint configurations and logpoints from the TraceKit dashboard (https://app.tracekit.dev/code-monitoring) via SSE/polling and that breakpoint conditions/logpoint templates are user-configurable and evaluated server-side, so untrusted dashboard content is ingested and can change capture behavior and downstream decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's SDK communicates at runtime with https://app.tracekit.dev (and its API endpoint https://app.tracekit.dev/v1/traces) to fetch breakpoint/logpoint configurations via SSE which directly instruct the SDK to set breakpoints, inject logpoints, and trigger snapshots in the running application, so remote content controls runtime behavior.