Testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The required workflow uses curl -s https://ethskills.com/testing/SKILL.md to fetch outsider-authored free text from a public web page at runtime, which the agent then reads into its LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). I flagged https://ethskills.com/testing/SKILL.md because the skill's install.command and setup explicitly run curl to fetch that file at runtime and instruct the agent to read it, meaning the fetched content would directly control agent prompts/instructions.