exasol-database

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow includes fetching and executing third-party content (e.g., the install step in references/exapump-reference.md: "curl -fsSL https://raw.githubusercontent.com/exasol-labs/exapump/main/install.sh | sh") and supports importing data from arbitrary external locations (IMPORT FROM HTTP/HTTPS, S3, GCS, FTP shown in references/import-export.md), which clearly ingests untrusted public content that can influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill loads references/exapump-reference.md at runtime which contains the installation command "curl -fsSL https://raw.githubusercontent.com/exasol-labs/exapump/main/install.sh | sh", a URL that, if executed, would fetch and execute remote code—thus presenting a runtime-executable external dependency.