ai-redteam

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's testing harness (references/testing_harness.md) explicitly lists "Public harm benchmarks" as dataset sources and the core workflows call out RAG/“retrieved documents” as attack vectors, meaning the agent ingests untrusted public/user-generated content (retrieved docs/benchmarks) that can materially influence tool behavior and decisions.