download-openapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads OpenAPI JSON from arbitrary remote URLs (see usage: "aptx-ft input download --url " and example "https://api.example.com/swagger.json") and then passes the downloaded file to downstream skills ("Pass the file path to other skills"), so untrusted third-party content from public sites is ingested and can influence subsequent actions.