api-portal-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs the agent to fetch and parse untrusted public third-party content — e.g., probing API subdomains, retrieving OpenAPI/Swagger files (like /openapi.json), robots.txt, developer portals, and performing GraphQL introspection — and to extract metadata and drive discovery, so that external content can materially influence subsequent analysis and actions.