loom-concurrency

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md includes concrete runtime code (e.g., the "Complete Async Web Scraper with Rate Limiting" and fetch_data / fetch_all implementations in the Rust, Python, and TypeScript sections) that fetches and ingests arbitrary public URLs and returns page content for processing, which exposes the agent to untrusted third‑party content that could carry indirect prompt injections.