self-evolution

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's init and maintenance workflows explicitly run runtime skill discovery/installation (e.g., "use the DETECTED TECHNOLOGIES ... as input for find-skills" in Mode 2 and the Mode 7 Capability Radar which runs find-skills / npx skills add), causing the agent to fetch and ingest metadata/code from external public skill registries/GitHub/npm—untrusted third-party content that is read and used to decide/drive tool installs and next actions.