mistica-react

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly requires reading node_modules/@telefonica/mistica/doc/llms.md and, if absent, fetching the equivalent file from the public GitHub URL (https://github.com/Telefonica/mistica-web/blob/master/doc/llms.md), so the agent ingests and must follow third-party public content that can change its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill mandates reading and "follow[ing] every instruction" in node_modules/@telefonica/mistica/doc/llms.md and, if missing, to fetch it at runtime from https://github.com/Telefonica/mistica-web/blob/master/doc/llms.md, meaning external content directly controls agent instructions and is a required dependency.