ai-rag-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill’s SKILL.md explicitly instructs pipelines that run third‑party web searches and URL extraction (e.g., belt app run tavily/search-assistant, exa/search, tavily/extract, exa/extract and the "URL Content Analysis" / "Search + LLM" examples) and then feeds those untrusted public search results and webpage content directly into LLM prompts, allowing external/user-generated content to influence agent behavior.