livekit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly documents and supports provider tools that fetch and parse open web content (e.g., openai.WebSearch(), openai.URL/XSearch, google.URLContext() in references/05-tools-function-calling.md and references/04-models-plugins.md), meaning the agent can ingest and act on arbitrary public third-party pages/search results as part of its tool-driven workflow.