lseg-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to monitor and fetch data from Refinitiv Workspace web endpoints (e.g., workspace.refinitiv.com Codebook/FundDetails), to capture API requests and extract IndexedDB field definitions (see references/api-discovery.md and SKILL.md), meaning the agent will ingest and act on third-party web content that can materially drive subsequent queries and tool actions.