pp-espn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to call ESPN's public endpoints and CLI commands that fetch live/remote data (e.g., "ESPN's public endpoints don't require an API key" and commands like today, summary, news, sync) and to run them with --agent so the agent will read and act on that third‑party content, which could thus influence subsequent tool use or decisions.