spatial

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to fetch and query public Overture Maps data (e.g., via the STAC catalog at https://stac.overturemaps.org/catalog.json and s3://overturemaps-us-west-2/...) and to ingest POI/building/address records from those open, user-contributed datasets as part of its required workflow, so untrusted third-party content can influence queries and subsequent actions.