intelligence-transfer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly loads pattern data from public IPFS/Pinata CIDs (see the "Fetch + apply a peer's patterns" workflow calling hooks_transfer with action "load" and a CID), merging untrusted peer-provided JSON patterns into local agent state which can materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). Yes — the skill loads external IPFS content at runtime (e.g., CID "QmXyz..." via the hooks_transfer/Pinata workflow requiring PINATA_API_JWT), and those fetched JSON patterns are merged into agent state and can directly influence agent prompts/behavior.