plane-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill makes HTTP requests to a configurable PLANE_BASE_URL via api_request (uses urllib.urlopen) to fetch Plane work-item data (e.g., list_work_items calling /api/v1/... endpoints), which are user-generated/untrusted work items that the agent ingests and returns—so third-party content could influence downstream decisions.