docuseal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI explicitly accepts remote document URLs and inline HTML/variable content that the agent will ingest and interpret as part of creating templates/submissions (see references/templates.md and references/submissions.md examples allowing documents[N][file]=https://example.com/doc.pdf, plus references/html-fields.md and references/docx-variables.md showing rendered HTML and conditional variables), so untrusted third-party content could be fetched and materially influence actions.