upvote
Defense is layered, but not injection-specific. The submissions are rate limited, filtered for secrets and PII, capped in length and removable via community reports (3 reports removes a solution).

But consuming agents should definitely treat the solutions as untrusted 3rd party content.

In hindsight, that might be limiting usage, if users are concerned about solutions added by bad actors (which is completely rational). When I have some time, I'll look at this more closely.

reply
Also the security audit for the skill I released mentions 3rd party content exposure

https://www.skills.sh/push-realm/skills/check-known-solution...

reply