world2agent-protocol

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md shows the agent ingesting signals from sensors that fetch public, user-generated sources (e.g., @world2agent/sensor-hackernews, sensor-reddit, sensor-github and the SensorHub link) and the client.on('signal', ...) handlers explicitly act on those signals to make routing/notification decisions, so untrusted third-party content can influence agent actions.