anygen-website

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls the external AnyGen OpenAPI (https://www.anygen.io) at runtime (see SKILL.md Phase 1/Phase 2 and scripts/anygen.py prepare_task/create_task) and explicitly uses the service's returned "reply" and "suggested_task_params" (a prompt) as the plan the agent must present and then use to create tasks, so untrusted third‑party output can directly influence the agent's next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill calls the AnyGen API at https://www.anygen.io at runtime (API_BASE) — e.g., the /v1/openapi/tasks/prepare response provides suggested_task_params and prompts that the agent must present/use, so remote content directly controls agent prompts and the skill requires the external service (ANYGEN_API_KEY).