domo-custom-connector-ide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs connector code to call external APIs (e.g., the Authentication Pattern and Data Processing Pattern use httprequest.get to https://api.example.com/... and parse responseData, including following responseData.paging?.next?.link), which means the agent will ingest and act on untrusted third-party API responses that can change control flow and subsequent actions.