api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to fetch and consume arbitrary user-uploaded document content (e.g., via the public preview endpoint GET /v1/preview/{token} and the text_url returned in GET /v1/jobs/{job_id}), and the SKILL.md shows the agent reading that content as part of its processing workflow, which could allow untrusted third-party content to influence agent actions.