modelslab-model-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls public ModelsLab APIs (e.g., GET https://modelslab.com/api/agents/v1/models and /models/{modelId}) and the SKILL.md workflows explicitly read model listings and endpoint parameter JSON schemas from those responses to choose models and drive downstream actions, which means untrusted third‑party (provider/user-supplied) content can directly influence agent decisions and tool use.