rf-requests

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's test workflows explicitly perform HTTP requests to external, potentially public endpoints (e.g., GET/POST to https://jsonplaceholder.typicode.com in assets/examples/basic-crud.robot and GET of returned avatar_url or Location headers in SKILL.md/examples), parse response.json(), extract tokens/URLs, and then use those values to drive subsequent requests—demonstrating ingestion of untrusted third-party content that can influence follow-up actions.