performing-api-rate-limiting-bypass

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively issues HTTP requests to arbitrary external API endpoints (BASE_URL in SKILL.md and the --url argument / detect_rate_limit_headers and test_* functions in scripts/agent.py), reads response headers/status codes from those untrusted third‑party endpoints, and uses that content to decide and drive follow-on tests, so third‑party content can materially influence agent behavior.