aliyun-openapi-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches public product and API metadata from api.aliyun.com (see references/openapi-meta.md and the runtime scripts products_from_openapi_meta.py and apis_from_openapi_meta.py) and the SKILL.md workflow requires parsing that external JSON to drive further fetches, joins, and summary actions, so untrusted third-party content could materially influence subsequent tool use.