json-data-visualizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's "API Response Inspection" workflow explicitly fetches and loads public third‑party API responses (e.g., requests.get("https://api.crossref.org/works/10.1038/nature12373") and mentions PubMed/OpenAlex), so external, untrusted JSON from the open web is ingested and used to drive visualization/inspection that could influence downstream parsing or actions.