ai-provider-openai-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses the Responses API with built-in web_search/file_search tools (Pattern 3 in SKILL.md) and includes examples that fetch external URLs and image_url inputs (examples/embeddings-vision-audio.md and examples/core.md), so the agent ingests public/untrusted web pages, files, and images as part of its workflow which can materially influence tool calls and subsequent actions.