sandboxed-audit-runner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow instructs creating/using the sandbox profile in references/smart-contract.srt.md which explicitly allows network access to public, user-generated sources (e.g., "raw.githubusercontent.com", "github.com", "registry.npmjs.org", "pypi.org") and then runs audit tooling that is expected to fetch and interpret those third‑party resources, so untrusted web content can influence the agent's actions.