local-llm-provider
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill sends prompts to configurable remote LLM endpoints (e.g., the Anthropic API at https://api.anthropic.com/v1/messages, and other providers or URLs set in config.json or via OLLAMA_BASE_URL/LLAMACPP_BASE_URL/VLLM_BASE_URL) and returns their responses as part of its normal workflow. Untrusted third-party model outputs could therefore inject instructions that influence subsequent decisions.