wasm-reverse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1) explicitly instructs fetching and saving .wasm modules and JS glue from webpages/URLs (via list_network_requests, search_in_sources, curl), meaning it ingests untrusted public web content which the agent must read and act on to drive analysis and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching arbitrary WebAssembly modules at runtime (e.g., "curl 下载 .wasm URL" — any https://.../module.wasm) which are then instantiated/executed by the analysis runtime, so remote .wasm content can execute code and is a required runtime dependency for the workflow.