sinch-mailgun-inspect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and processes arbitrary public URLs and HTML via the Link and Image Validation endpoints (see SKILL.md "URLs and HTML" and references/api-endpoints.md link/image sections), instructs the agent to submit those untrusted inputs to Mailgun and poll/parse the returned JSON results as part of workflows (including CI/CD decisions), so third‑party content fetched/ingested can materially influence actions.