build-hcom-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls and imports events/state from public MQTT brokers (e.g., broker.emqx.io listed in references/internals/relay-system.md and SKILL.md's cross-device/relay sections), treating those remote, user-originated events as hcom events that are delivered to agents and can drive actions—i.e., untrusted third-party content is ingested and can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's relay system is explicitly configured to connect at runtime to external MQTT brokers (e.g., mqtts://broker.emqx.io:8883, mqtts://broker.hivemq.com:8883, and mqtts://test.mosquitto.org:8886), which pull/push event payloads that are imported as hcom events/messages and can directly control agent prompts/instructions on receipt.