python-data-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs building API extraction clients and includes runnable examples that fetch and paginate arbitrary third-party HTTP endpoints (see references/extraction-patterns.md — e.g., StripeExtractor, paginate_link_header, fetch_with_retry) and parse response headers like Link and Retry-After that directly influence follow-up requests and behavior, exposing the agent to untrusted third-party content.