cx-rum

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (SKILL.md Querying RUM Data and Key Fields) instructs the agent to query and analyze $d.cx_rum fields such as page_context.page_url, interaction_context.target_element_inner_text, network_request_context.url, and error_context.error_message—these are user-generated/untrusted third-party strings captured from web pages and users and are read and interpreted by the agent as part of its analysis.