data-client-rest-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs creating RestEndpoint clients that use a configurable urlPrefix (e.g., process.env.API_URL or hardcoded URLs) and includes code to fetch and parse HTTP responses (parseResponse, process, parseCSV, fetchResponse), which means it will ingest and interpret content from arbitrary third‑party APIs/URLs.