use-graphql-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly requires calling external GraphQL endpoints (e.g., "gh api graphql" for GitHub and curl to generic endpoints in Step 1 and the Execute/Parse steps) and parsing user-generated responses (issues/discussions, schema introspection results) which the agent reads and uses to construct and chain further operations, so untrusted third-party content can influence subsequent actions.