extracting-memory-artifacts-with-rekall

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's create_session (scripts/agent.py) and SKILL.md default the Rekall profile_path to the public GitHub raw URL (https://github.com/google/rekall-profiles/raw/master), causing the agent to fetch and ingest open/public third-party profile data that could be untrusted and materially influence analysis/tool behavior.