kairos

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to call the Kairos Neo API which “searches across multiple platforms” (Taobao, Ele.me, Meituan, etc.) and returns product listings, click/tracking URLs and other third‑party content that the agent must read, format, display, and act on (see "Multi-Source Routing", the POST /ads/neo API and "Presenting Results" sections), so untrusted external content can materially influence agent behavior.