home-assistant-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch documentation from public GitHub raw URLs (see references/dashboard-cards.md and references/domain-docs.md), meaning the agent will ingest and act on open third‑party content that can influence its tool use and decisions.