libfuzzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs downloading and using public, user-provided files (e.g., curl commands fetching libpng from downloads.sourceforge.net and harnesses/corpus/dictionaries from raw.githubusercontent.com and GitHub) so the agent's workflow clearly ingests untrusted third-party content (seed corpora, harnesses, dictionaries) that could carry indirect prompt-injection vectors.