api-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's examples (examples/orchestkit-api-design.md and SKILL.md) show a POST /api/v1/analyze endpoint that accepts arbitrary external URLs and starts a background run_workflow_task which detects content type and extracts/analyzes the fetched webpage, meaning the agent will fetch and interpret untrusted third‑party web content as part of its workflow (possible indirect prompt injection).