sinch-mailgun-validate
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to create/poll bulk validation jobs and download results from the returned download_url.csv / download_url.json (noting these contain user-uploaded data), so the agent will fetch and parse untrusted, user-provided third-party content that can influence subsequent decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to fetch SDK reference pages at runtime (e.g., https://documentation.mailgun.com/docs/mailgun/sdk/python_sdk) to obtain accurate method signatures used to generate code, so external content directly controls prompt/code generation and is a required dependency for the "SDK" flow.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).