rtk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Proxy Mode explicitly shows running external fetches (e.g., "rtk proxy curl https://api.example.com") which would cause the agent to execute and read arbitrary public URLs' responses as part of its workflow, allowing untrusted third-party content to influence subsequent actions.