testrail-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill is an OpenAPI spec that instructs the agent to call arbitrary TestRail instance endpoints (e.g., GET /index.php?/api/v2/get_case/{case_id} and GET /index.php?/api/v2/get_attachment/{attachment_id} on https://{instance}), so the agent will ingest untrusted, user-generated TestRail content (cases, comments, attachments) as part of its workflow which could contain instructions that materially influence subsequent actions.