hunt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 2 and the referenced references/telemetry.md explicitly instruct the agent to query and ingest telemetry from third-party vendor APIs, CLIs, and dashboard URLs (e.g., "HTTP API + token via curl + jq" and "Dashboard URL the user pastes / screenshots") which requires reading untrusted external content that can influence debugging decisions.