boliga

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill directly calls the public Boliga API (https://api.boliga.dk/api/v2) from multiple required commands (search, sold, detail, property, suggestions, etc.), consuming untrusted public listing/BBR data and suggestion results which the agent reads and uses to drive follow-up actions (e.g., using returned ids/ouId/addresses to make further API calls), so third-party content can materially influence tool use and decisions.