adk-agent-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required documentation (e.g., references/getting-started.md and references/task-mode.md) includes explicit workflow examples like extract_text(url) and search_web(query) that ingest content from arbitrary public URLs/web searches and feed that content into agents' instructions and tools, exposing the agent to untrusted third-party content that can influence behavior.