express-microservices-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes runtime ingestion of external, potentially untrusted API responses (e.g., axios.get('https://external-api.com/users/${userId}') in ExternalApiService) and an API Gateway that proxies to environment-configurable service URLs (process.env.* SERVICE_URLs), so the agent would read/forward third‑party content as part of its workflow.