scalar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and merges OpenAPI JSON from configured service endpoints (see OpenApiAggregationService which fetches each service's /openapi/v1.json to build /openapi/aggregated.json) and also instructs using Context7 to query website documentation (library ID /websites/guides_scalar), so it ingests external/untrusted web-hosted content that the agent reads and interprets.