anygen-doc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill sends user prompts and uploaded reference files to the external AnyGen API (https://www.anygen.io) and then must read and act on the API's returned "reply" and "suggested_task_params" (the prepare -> prompt flow in SKILL.md) to drive task creation and background actions, so untrusted third-party content can materially influence the agent's decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls the AnyGen OpenAPI at https://www.anygen.io at runtime (prepare/create endpoints) and uses the returned suggested_task_params/prompt from that service to drive what the agent presents and to create generation tasks, so remote content from that URL directly controls agent prompts and is a required dependency.