api-tester

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md instructs the agent to send HTTP requests to arbitrary endpoint URLs provided by the user (see "Step 2: Send the request" and examples like "https://api.example.com/users") and to read and act on response bodies to drive subsequent requests and decisions (Step 3 validation, examples using response data), which clearly ingests untrusted third-party content that can influence agent actions.