labx-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated marketplace data from https://admin.labx.com (e.g., GET /api/v1/listings and GET /api/v1/inquiries described in SKILL.md and implemented by methods like fetch_labx_listings and labx_variance_report), and that untrusted third-party content is read and used to drive sync, upload, and deactivation decisions.