nutmeg-acquire

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to fetch and scrape public third‑party sources (e.g., StatsBomb raw GitHub URLs, FBref/Understat/Transfermarkt web scraping, Kaggle and arbitrary web searches in "Self-discovery"), which the agent must read and interpret to decide data sources and actions, exposing it to untrusted public content that could carry indirect prompt injections.