download-swagger-file

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts/download.js explicitly fetches and saves OpenAPI JSON from an arbitrary user-supplied URL (using fetch(url)), meaning the agent will ingest untrusted third-party content from arbitrary web pages to be read/interpreted (e.g., for generate-ts-models).