api-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md Workflow step 1 explicitly requires the agent to "Review the API documentation, OpenAPI spec, or SDK reference" and to be given a documentation URL, meaning the agent will fetch and interpret arbitrary public third-party docs/webpages which can directly influence its integration decisions and actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly targets API integrations for production-grade use and includes concrete, payment-oriented examples and guidance. Notably it contains a full Stripe client example with functions that create customers and create_payment_intent (i.e., initiating payment operations), references listing charges, and calls out best practices specific to payment/financial APIs (idempotency keys, Stripe-Version header, redaction of card numbers). These are specific payment gateway operations (Stripe) and therefore constitute direct financial execution capability rather than a generic API tool.