datocms-cma

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly includes fetching and ingesting external URLs (references/migration-patterns.md "Upload Migration from External URLs" uses client.uploads.createFromUrl to pull arbitrary URLs) and also suggests running LLM-driven edits on serialized record content (references/editing-records.md Pass 1 — "LLM / regex / diff-merge on text"), meaning the agent will consume untrusted, third‑party/user-provided content that can influence subsequent actions.