scaffolding-fastapi-dapr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required runtime workflow includes Dapr pub/sub and Jobs handlers that call await request.json() on incoming HTTP requests (CloudEvent/job payloads), which are outsider-authored free-form text from external publishers/schedulers and then get placed into the agent’s LLM context via task_data/job_data processing (e.g., Task.model_validate(task_data)).