robius-state-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly performs network fetches of external, potentially user-provided data (e.g., MolyClient.get_featured_models(), Chats::load(moly_client), sync_with_server() using provider.url and provider-supplied models in references/moly-state-patterns.md and references/persistence-patterns.md), so the agent will read and process untrusted third‑party/user-generated content as part of its workflow.