api-http-test

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's run_http.sh (and SKILL.md usage) explicitly makes real HTTP requests to arbitrary base_url/path configured in .skills/api-http-test/http.toml and then reads/parses response bodies (including get_token_from_login in scripts/run_http.sh and persisted Set-Cookie handling) to extract auth tokens and cookies that are reused for subsequent requests, so untrusted third-party responses can materially influence the agent's behavior.