openrouter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses public pages and API data from openrouter.ai (e.g., curl https://openrouter.ai/api/v1/models and provider/rankings pages opened via browser automation) which are third‑party web content (including user ratings/rankings) that the agent is expected to read and could carry untrusted, user-generated input.