jq-json-processing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows piping data from public HTTP endpoints and arbitrary URLs into jq (e.g., "curl -s https://api.example.com/data | jq '.results'" and "cat urls.txt | xargs -I {} curl -s {} | jq '.data'") so the agent is instructed to fetch and parse untrusted third‑party web content that could influence subsequent actions.