causal-abel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs live web grounding and search (SKILL.md Step 5 and references/web-grounding.md) and includes code that fetches third‑party content (e.g., scripts/check_skill_update.py fetching raw GitHub URLs and scripts/cap_probe.py calling external CAP endpoints), so the agent will fetch and interpret untrusted public web content that can materially change decisions.