quantai-service

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and processes content from an external public service (BASE_URL http://47.129.240.216:8000) — e.g., GET /jobs/{id}/logs, /files/strategy.cs, and /result (factor_card_txt) — and the agent is explicitly required to read/interpret those logs/files and modify/retest code based on them, so untrusted third-party content can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill depends at runtime on the external service at http://47.129.240.216:8000 (used for /jobs/submit, /jobs/{id}/status, /files/strategy.cs, /retest, /result, etc.), which executes uploaded plugins/server-side workflows and returns generated code/results that the agent relies on, so this URL enables remote code execution and is a required runtime dependency.