carto-trade-area-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflows explicitly ingest public, user-generated data (e.g., OpenStreetMap POI data referenced in the Note and ReadTable nodes and external example datasets loaded from https://storage.googleapis.com/carto-workflows-examples/ in multiple ReadTable/import nodes), and those tables are read and used to compute filters, enrichments, scores, and downstream actions — meaning untrusted third‑party content is parsed and can materially influence tool decisions.