ip-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md and example code explicitly fetch JSON from public third-party IP providers (e.g., ipinfo.io, ip-api.com, geolocation-db.com, api.db-ip.com) and the agent is required to read/normalize those untrusted public responses to compute a "best match," so external content can materially influence its decisions.