itemized-functions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires real execution against external APIs and services (e.g., Phase 3 example calling Ollama, Phase 4 "Real execution — Actually call the APIs", and Phase 8 report that captures "Sample API Response (sanitized)"), so it ingests untrusted third‑party API/webhook responses as part of its workflow which could embed instructions that influence behavior.