scandinavia-transit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and ingests data from public third‑party transit APIs (Entur at https://api.entur.io/journey-planner/v3/graphql, ResRobot at https://api.resrobot.se, and Rejseplanen at https://www.rejseplanen.dk/api/*) and explicitly instructs the agent to read and act on responses (e.g., trip, departureBoard, himsearch results) to decide routing and next actions, so untrusted external content could indirectly influence behavior.