testing-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md and GenAI test scaffolding (tests/genai/conftest.py referenced in SKILL.md) show the test suite calls external LLMs via OpenRouter (Gemini Flash / Haiku) using genai.judge and then asserts on the model's score/reasoning, so untrusted third-party model outputs are ingested at runtime and can materially influence test decisions.