cloud-access-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI and SKILL.md explicitly call external APIs (the Cloud API at https://api.elastic-cloud.com via _cloud_request in scripts/cloud_access.py and arbitrary project Elasticsearch endpoints via _es_request using ELASTICSEARCH_URL) to fetch organization members, invitations, role definitions, and custom-role data (user-generated/untrusted content) and then use those responses to decide actions (auto-discover org ID, decide invitations/role assignments, reuse or create API keys), so third-party content is ingested and can materially influence behavior.