dlt-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's declarative REST API and custom-source patterns (see SKILL.md, references/rest-api-source.md, and the declarative_rest_pipeline.py and examples that call public endpoints like pokeapi.co, api.github.com, api.weather.com) instruct the agent to fetch and ingest data from arbitrary public APIs and platforms (e.g., GitHub issues), so the agent will read untrusted, user-generated third-party content as part of its workflow.