status-page-monitoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and parses public status APIs and web pages (e.g., https://stats.uptimerobot.com/api/getMonitorList/{PAGE_ID}, https://paypal-status.com/api/v1/components, generic status.example.com/api endpoints, and scraping/rendering of pages like AWS Health via lynx or WebFetch) and instructs the agent (Claude) to read and interpret that external, user/third-party content as part of its monitoring workflow, exposing it to untrusted input that could carry indirect prompt injection.