x-request

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and reference docs explicitly show using XRequest to call arbitrary external endpoints (e.g., https://httpbin.org/post, OpenAI provider URLs in reference/EXAMPLES_SERVICE_PROVIDER.md) and to parse streaming responses via transformStream and callbacks, so untrusted third-party responses are ingested and directly drive assembled messages/callbacks that can influence agent behavior.