boligsiden

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches live data from the public Boligsiden API (BASE_URL https://api.boligsiden.dk), as documented in SKILL.md and implemented in handlers like cli/src/commands/search.ts, detail.ts and locations.ts, and it ingests and uses that untrusted third‑party listing data to choose caseIDs and drive follow‑up actions (search → detail → timeline), which could enable indirect prompt injection via the API responses.