kuroco-mng-api-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly navigates to and reads third-party-managed pages (/llms.txt and /direct/rcms_api/llms/?mt={module}) to extract module/controller schemas and field names (Step 3 and Step 3.5), and those dynamically-generated, site-provided contents are parsed and used to construct API calls—so untrusted external content can directly influence tool use and next actions.