opik

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's reference docs (e.g., references/observability.md and references/tracing-python.md) include explicit runtime examples that accept and process arbitrary remote URLs (e.g., analyze_remote_image(image_url), process_media(url) / vision_model.analyze_url), which means the agent is instructed to fetch and act on untrusted third‑party content that can influence tool calls and outputs.