acp-discount-extension

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes—SKILL.md's "Before writing code" steps explicitly instruct the agent to web-search GitHub RFCs/examples and to fetch https://developers.openai.com/commerce/specs/checkout/ (public third-party docs), which the agent is expected to read and use to determine implementation details and behavior.