api-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly directs the agent to integrate and fetch data from external REST APIs (e.g., examples using GitHub and OpenWeather and the api_request(url: str) / response.json() code blocks), so untrusted third‑party JSON/content fetched from those APIs would be read and could materially influence agent behavior.