datadata-api

Warn

Audited by Snyk on May 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the public search endpoint (/api/search-engine/indexes/datasource/search) and the CLI's search-datasource flow (see references/api.md and scripts/datadata_query.py:run_search_datasource). It ingests community/public datasource metadata (user-generated descriptions) and presents or uses the results (IDs) as inputs that can drive subsequent queries or table operations. Untrusted third-party content is therefore read and can materially influence tool actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 15, 2026, 09:44 AM
Issues: 1