python-resilience

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the skill's sample code (e.g., fetch_data, http_request, fetch_with_timeout, fetch_user_data) makes HTTP requests via httpx to arbitrary URLs and parses response.json(), so it clearly consumes untrusted public web content that the agent would read/interpret.