blink-rag

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests content from arbitrary public URLs (see "Upload Methods" — example: blink.rag.upload(..., url: 'https://example.com/article') and the PDF publicUrl extraction flow) and then performs semantic/RAG aiSearch over those uploaded documents, so untrusted third‑party content would be read and could materially influence agent responses and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill shows a runtime fetch example using 'https://example.com/article' via blink.rag.upload(url: ...), which would retrieve external content and inject it into the RAG context used to generate AI answers, thereby allowing remote content to control prompts.