intervals-icu

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated data from the public Intervals.icu API (see SKILL.md examples and scripts/api.sh endpoints like /athlete/{id}/wellness, /athlete/{id}/activities, /athlete/{id}/events), and that live third‑party content is read and used to make decisions and update events (e.g., adjusting workouts), so untrusted external content can materially influence agent behavior.