azure-mgmt-apicenter-py

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows client.api_definitions.import_specification with a URL value (see "Import API Specification (URL)" example using "https://example.com/openapi.json"), which instructs the agent to fetch and ingest an arbitrary public OpenAPI document that would be parsed and used to create/update API definitions—allowing untrusted third‑party content to materially influence behavior.