openapi-parser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow and references explicitly instruct resolving external $ref URLs and working with public spec collections (see "External refs ($ref: 'https://...')" in references/schema-patterns.md and the konfig-sdks/openapi-examples guidance in references/example-repos.md), meaning the agent will fetch and parse untrusted, user-provided OpenAPI specs from the open web which directly drive test-generation and lifecycle actions.