api-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md instructs the agent to send GET/POST requests to absolute URLs (e.g., https://httpbin.playground.helpmetest.com) and to parse/chain response fields (Get Response Field) so arbitrary public HTTP endpoints can provide untrusted, user-controlled content that directly influences subsequent requests and test logic.