project-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's BUILD patterns and examples (e.g., references/build-patterns.md showing requests.get("https://api.twelvedata.com/price"), explicit mention of web scraping in SKILL.md, and dashboard/backend examples calling external APIs like https://api.example.com/data) require fetching public third‑party content and feeding it into LLM calls or the full agent (/chat/stream/OpenRouter), so untrusted web content can be read and materially influence agent decisions or subsequent tool use.