zeroeval-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow repeatedly instructs calling ze.prompt, which performs network I/O to fetch prompt versions from the ZeroEval backend (e.g., https://api.zeroeval.com / app.zeroeval.com), meaning externally-served prompt content can be returned as system messages and materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's ze.prompt() calls perform runtime network I/O and in auto mode fetch the latest prompt content from the backend (the SDK defaults to https://api.zeroeval.com), so content from that URL can directly control prompts at runtime.