distributed-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly lists and integrates external public APIs (e.g., "OpenAI API, Anthropic API, YouTube Data API, GitHub API, arXiv API" in checklists/circuit-breaker-setup.md) and includes LLM fallback chains and token-budget/retrieved_docs logic (e.g., LLMFallbackChain, TokenBudgetGuard) that ingest retrieved public documents into prompts, so untrusted third-party content can be read and materially influence agent actions.