zerone-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses external HTTP docs via swagger.config.json's docsUrl (e.g., https://.../apifox?projectId=...) and downloads/parses user-supplied iconfont CSS (e.g., //at.alicdn.com/...), both of which are untrusted third-party sources that the agent consumes to generate code/assets and can materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's swagger.config.json uses an HTTP docsUrl (e.g. https://genapi-giime.giikin.com/apifox?projectId=7479596) which is fetched at runtime to obtain Swagger JSON that directly controls the code the CLI generates, and the tool relies on that fetched content to produce the API code.