send-sms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill allows calling arbitrary custom HTTP endpoints (see Example 7: provider_config.url) and explicitly makes POST requests and parses provider responses (Steps 4–5), so it ingests untrusted third‑party API responses that can influence status, error handling, retries, and control flow.