byok-custom-model

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's onboarding explicitly requires the user to paste a provider's public API example (SKILL.md step 1), which parse_example() ingests and whose output is used by add()/add_template() to register endpoint/base_url/upstream_model, so untrusted third‑party (user-provided or public docs) content is read and can directly change agent behavior.