openapi-ts-client

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The runtime path is the generator reading the OpenAPI input (e.g., a live http://.../openapi.json URL) and ingesting that fetched OpenAPI JSON/spec text into the LLM context during code generation, which is outsider-authored free text from a public/local server not chosen by the operating user.