box

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and lists user-generated files from Box (via Apideck's File Storage API — see SKILL.md examples like the apideck.fileStorage.files.list call and the Proxy API pointing to Box endpoints such as https://unify.apideck.com/proxy and the Box connector URL), which means the agent will ingest untrusted third‑party content that could contain instructions influencing subsequent actions.