redmine-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and reads data from a user-specified Redmine instance (REDMINE_BASE_URL) via GET endpoints such as /issues/.json (see SKILL.md, references/endpoints.md, and scripts/redmine_api.py), which can contain untrusted user-generated content (issue descriptions/journals) that the agent is required to read and use to decide follow-up API actions.