azure-mgmt-apimanagement-dotnet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's references/apis-operations.md explicitly shows importing an OpenAPI spec from an external URL (e.g., Format = ContentFormat.OpenApiJsonLink and Value = "https://petstore.swagger.io/v2/swagger.json"), which means the agent can fetch and parse arbitrary public third-party content (untrusted OpenAPI files) as part of its workflow.