intervals-icu

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly directs the agent to call the public Intervals.icu API (e.g., /athlete//activities, /athlete//events, /activity/) to fetch user-generated activity and event descriptions from a third-party site, which the agent is expected to read and could use to drive subsequent actions.