bats-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Pattern 3 REST API tests define a request_json helper that uses curl to fetch the (user-supplied) API_BASE_URL and then reads/parses HTTP_BODY with jq, which clearly ingests and interprets arbitrary/untrusted third-party HTTP content.