ctf-reverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's documentation includes explicit runtime steps that fetch and process public, user-generated web content (for example, references/languages-platforms.md "Roblox Place File Analysis" shows a curl to https://assetdelivery.roblox.com/v2/... to download place versions, and other sections instruct calling Firebase Cloud Functions or pulling npm packages), so the agent would ingest untrusted third‑party content that could influence subsequent analysis or actions.