self-improve-with-tinyfish

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs Hermes to run TinyFish Search and TinyFish Fetch against live web URLs (see "Search with TinyFish" and "Fetch selected URLs" / API examples) and to ingest and analyze fetched page text to write and install new skills, so arbitrary public web content could influence agent behavior and inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires runtime calls to TinyFish search/fetch APIs (e.g., https://api.search.tinyfish.ai and https://api.fetch.tinyfish.ai) to fetch external pages whose text is then injected into the agent's context to generate SKILL.md, so remote content can directly control prompts and is a required dependency.