track17

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests untrusted third‑party data (API calls to https://api.17track.net/track/v2.2, the carrier list at https://res.17track.net/asset/…, and webhook payloads spooled into the inbox/webhook-server) and directly reads, stores, and summarizes fields like event descriptions/track_info, so the agent will parse and render arbitrary user-provided content.