api-integration-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly states in Core Workflow (Gather Requirements) that "If user provides API documentation URL, fetch it and extract this information automatically," meaning it will fetch and parse arbitrary public API docs/URLs supplied by users and thus ingest untrusted third-party content.