api-tester

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly directs the agent to fetch and scrape arbitrary public websites (e.g., Step 2/3 and the Example Usage showing "scrapegraph" and "linkup" calls with "website_url" like "https://stripe.com/docs/api" and "https://api.openai.com/v1/models") and to extract/interpret API docs, which are untrusted third-party pages that can materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill makes runtime POSTs to the Gooseworks proxy (default https://api.gooseworks.ai/v1/proxy/orthogonal/...) to fetch and scrape arbitrary external pages (examples in the skill: https://stripe.com/docs/api, https://api.openai.com/v1/models) and the returned/fetched content is parsed and injected into the agent flow (scrapegraph/markdownify/linkup), so remote content can directly control prompts and is required for the skill to operate.