dzaleka-online-services-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches and displays content from the public Dzaleka Online Services API (https://services.dzaleka.com/api — e.g., /api/news, /api/photos, /api/resources, /api/search), which returns community/user-generated text and media that the agent is expected to read and could contain untrusted instructions used for indirect prompt injection.