airbyte-sdk-reference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md examples (claude-sdk.md and pydantic-ai.md) explicitly show the agent calling typed connectors like JiraConnector and SlackConnector via connector.execute to read and act on user-generated third-party data (Jira issues, Slack messages, Stripe customer records), so the agent ingests untrusted third‑party content that can materially influence tool use and next actions.