atlas-cloud
Warn
Audited by Snyk on Apr 22, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch live, public model listings and per-model OpenAPI schemas (e.g., GET https://api.atlascloud.ai/api/v1/models and the model "schema" URLs, as required in "Step 1 — Fetch the model list" and the quick-generate/get_model_schema workflows in SKILL.md and references). It then uses that untrusted third-party content to build requests and drive generation actions, so those external responses can directly influence tool use and next actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill requires runtime fetches from https://api.atlascloud.ai/api/v1/models (and the model-specific schema URLs returned by that endpoint) to obtain authoritative model IDs and OpenAPI schemas. The code uses these to build request bodies and to determine which field is used for the prompt, so external content fetched at runtime directly controls prompt construction and is a required dependency.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).