container-scan-trivy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs scanning and parsing arbitrary container images and filesystems (e.g., "trivy image ... :" and trivy JSON output), meaning the agent will ingest untrusted, user- or registry-provided content that could carry malicious/tainted text.