microsoft-extensions-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and docs explicitly recommend using Microsoft.Extensions.DataIngestion / IngestionPipeline to read documents from cloud services, web APIs, Git repositories and other external sources (see SKILL.md and references/official-docs/conceptual/data-ingestion.md), which means untrusted, user/third‑party content can be ingested and used in RAG flows that materially influence model prompts and tool invocation.