ez-devto

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly calls the public DEV.to API (see devto_get in scripts/devto.py using https://dev.to/api and endpoints like /articles and /comments) and prints article bodies and user comments (user-generated content) as part of its workflow, so untrusted third-party content is ingested and could influence downstream interpretation or actions.