molykit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes an OpenAIClient and BotClient flows (e.g., OpenAIClient::send and parse_sse) that POST to configurable external API URLs (like https://api.openai.com/v1 or user-provided endpoints) and parse SSE streaming completions into MessageContent.text/citations, so the agent will ingest and render arbitrary third-party responses.