ralph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow explicitly routes "URL-based visual cloning tasks" (Step 5) through a visual tool when the task description contains a target URL (e.g., "clone https://example.com"), meaning it will fetch and evaluate arbitrary public webpages as part of its verification loop, exposing the agent to untrusted third-party content.