api-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow Step 2 "Exemplar Research" (modules/exemplar-research.md) explicitly directs the agent to find and document high-quality API references and lists public URLs (e.g., pandas, requests, tokio, Stripe, GitHub docs), which requires fetching and interpreting open, user/third-party web content that can influence audit decisions.