langgraph-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly describes and includes runtime workflows that fetch and consume open web/document sources—e.g., SKILL.md and the RAG section mention "集成向量存储和文档检索", references/api_reference.md defines a web search ToolNode ("search_web"/search_web) and assets/templates/multi_agent/README.md shows a ResearchAgent calling web_search and synthesizing web_results—so untrusted, user-generated third‑party content is read and used to drive agent decisions.