performance-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes an APIClient.fetch(url) implementation using aiohttp (async with self.session.get(url) -> return response.json()), which clearly fetches arbitrary external URLs and would cause the agent to ingest untrusted third-party web content.