connectors-execute

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) directs the agent to call airbyte-agent "connectors execute" (e.g., actions like context_store_search and list against connectors such as HubSpot/Slack shown in examples) to fetch and interpret entity data from external connectors, which are untrusted/user-generated sources and are explicitly used to drive follow-up actions (e.g., resolving an ID then querying another entity).