api-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly integrates Postman MCP (see "Using Postman MCP" and the configuration with POSTMAN_API_KEY / mcp-postman) and states Claude can list and execute collections from a user's Postman workspace, which means the agent fetches and interprets user-generated Postman collections (third‑party content) that can materially influence tool execution and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Postman MCP manual install instructs cloning and building remote code from https://github.com/shannonlal/mcp-postman.git which the skill then runs as a required MCP server (git clone + pnpm install/build and node on the built index.js), so external code is fetched and executed at runtime to provide agent functionality.