scv-scan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The workflow explicitly instructs the agent in Phase 2 to read and interpret the target Solidity codebase (performing grep/semantic reads of project files), i.e., arbitrary user-supplied/untrusted code is ingested and analyzed as part of the audit.