api-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflows instruct running Postman/Bruno collections against arbitrary baseUrl endpoints and explicitly parse and act on API responses (e.g., pm.response.json(), pm.environment.set(), bru.setVar(), pre-request/post-response scripts and request-chaining in reference/postman-patterns.md and reference/bruno-patterns.md), so untrusted third‑party API content can be ingested and influence subsequent tool actions.