apideck-portman

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports fetching remote OpenAPI specs via the -u/--url flag and shows examples (e.g., "Testing Apideck APIs" and the CLI Reference) and then converts and executes those specs into Postman collections and tests, so untrusted third‑party OpenAPI documents could alter generated requests, test logic, and subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). Portman explicitly supports fetching remote OpenAPI specs at runtime (e.g., the example URL https://specs.apideck.com/crm.yml) and those fetched specs directly determine the generated requests/tests the tool will execute, so an attacker-controlled spec could control agent behavior.