canhelp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill queries the public IC Dashboard API in scripts/resolve-canister-id.sh and uses scripts/fetch-candid.sh (icp canister metadata) to download a canister's .did file which the agent then reads and summarizes, so untrusted third-party content is fetched and directly influences the agent's output/decisions.