apifox

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests OpenAPI JSON from the public Apifox API (see scripts/apifox_client.py:_fetch_oas_from_api which calls https://api.apifox.com/v1/projects/{project_id}/export-openapi) and then reads/parses that externally-hosted project documentation (cached via cache_manager) as part of its workflow, exposing the agent to third-party (potentially user-generated) content that could carry indirect prompt-injection.