alicloud-observability-pts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches public API metadata from https://api.aliyun.com/meta/v1/products/PTS/versions/2020-10-20/api-docs.json (see SKILL.md API Discovery and scripts/list_openapi_meta_apis.py), meaning the agent ingests untrusted third-party JSON that can change which APIs/parameters it will call and thus materially influence subsequent actions.