ai-assisted-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation (references/orchestration-strategies.md, Strategy 5: "Attempt 1" example) explicitly instructs agents to fetch an external OpenAPI spec from a public URL (e.g., https://api.external.com/openapi.json) and use that content to generate clients, so untrusted third‑party content is ingested and can directly influence subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill includes a runtime example that fetches an OpenAPI spec from https://api.external.com/openapi.json to generate client code, meaning remote content would directly control the agent's prompts/output and is treated as a required dependency for that workflow.