flutter-http-and-json

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to perform HTTP GET/POST/DELETE requests to external APIs (e.g., ApiService.fetchItem and fetchLargeItemList using Uri.https('api.example.com', '/items')) and to parse their JSON responses, which clearly ingests untrusted third‑party content as part of its workflow.