perigon-api-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and process open/public third‑party content (news articles and webpage content via endpoints like /v1/articles/all, /v1/stories/all, /v1/vector/news/all, /v1/wikipedia/all and /v1/vector/wikipedia/all) and to use that content as input for summaries and vector searches (e.g., /v1/summarize), so untrusted web/Wikipedia content can directly influence the agent's decisions and tool use.