continuous-learning-v2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's CLI explicitly fetches arbitrary http(s) URLs in scripts/instinct-cli.py (cmd_import) to import "instinct" files from the web and writes them into the inherited instincts directory, which are then read and used to generate/apply skills/commands/agents—so untrusted third‑party content can influence agent behavior.