capability-evolver
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.72). The required runtime workflow can ingest outsider-authored free text via EvoMap Hub–delivered mailbox messages (e.g.,
task_available,hub_event,asset_submit_result,skill_update) that the agent reads from the local Proxy mailbox and includes in its LLM context; these messages originate from third parties on the network, not the operating user.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata