israeli-agritech-advisor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md Step 2 explicitly instructs the agent to call external vendor APIs (e.g., https://api.cropx.com, GrowSphere endpoints, https://api.taranis.com) and to read/act on returned recommendations and detections (e.g., /sites/{id}/recommendations, /fields/{id}/detections) which are third-party responses that the agent is expected to interpret and use to drive actions like scheduling irrigation or triggering alerts, so untrusted external content could materially influence behavior.