projectmanagement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The miniproject skill's Research workflow explicitly directs the agent to use open web search and content-extraction tools ("use_skill(brave_search) with it's search and content extraction scripts" and fallback to lynx) to gather information from third‑party websites, which the agent is expected to read and use to inform planning and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The in-memoria skill explicitly instructs running "npx in-memoria ..." (which fetches and executes remote npm package code) and references the project GitHub (https://github.com/pi22by7/In-Memoria), so this is a runtime external dependency that can execute remote code.