api-fuzzing-bug-bounty

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Core Workflow explicitly instructs the agent to fetch and parse public third-party artifacts (e.g., Swagger/OpenAPI docs like /swagger.json or /openapi.json, GraphQL introspection responses, and archive.org lookups) from target/public websites, which the agent must read and act on to determine scanning and exploitation steps, exposing it to untrusted user-controlled content that could carry indirect prompt-injection payloads.