anygen-data-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill calls the AnyGen OpenAPI (https://www.anygen.io) in its required prepare/create/get-messages workflow and the SKILL.md and scripts/anygen.py explicitly require the agent to present and then use the "reply" and "suggested_task_params" (prompt) returned by the prepare endpoint to drive task creation and monitoring, meaning untrusted third-party responses can directly influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill makes runtime API calls to https://www.anygen.io (API_BASE) whose prepare/create/get-messages responses include suggested_task_params, prompts, and replies that the agent must present and follow, so remote content from that URL directly controls agent instructions and is a required dependency.