create-psr18-http-client

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's templates (CurlHttpClient in SKILL.md and StreamHttpClient and ApiClientBuilder in references/templates.md) perform HTTP requests (curl_exec, file_get_contents) to arbitrary URLs derived from RequestInterface/baseUrl and then parse/use the response (e.g., json_decode) as part of program logic, which clearly ingests untrusted third-party web content that can influence subsequent actions.