openchoreo-developer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's instructions explicitly require fetching and interpreting external, user-published repositories and manifests (e.g., "Before deploying any third-party app: fetch the official manifests..." in SKILL.md and the build-from-source recipe that uses repository.url/GitHub and reads workload.yaml from the repo), so the agent will ingest untrusted public web content (Git repos/manifests) that can materially change actions.