a2a-push-notifications

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md "Before writing code" section explicitly instructs fetching https://a2a-protocol.org/latest/specification/ and web-searching GitHub (site:github.com a2aproject ...) to ingest live docs and samples, which are untrusted third-party sources whose content the agent is expected to read and that can materially affect implementation behavior.