ghidra-headless

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly ingests arbitrary user-supplied binaries via the ghidra-analyze.sh argument and produces/reads outputs like {name}_strings.json and {name}_decompiled.c (ExportStrings.java, ExportDecompiled.java), meaning the agent will read untrusted third‑party content derived from those binaries.