azure-ai-formrecognizer-java

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/examples.md explicitly show analyzing documents from external URLs (e.g., client.beginAnalyzeDocument with documentUrl set to https://raw.githubusercontent.com/... and https://example.com/...), which fetches and ingests public, untrusted third-party content that the agent parses and uses to drive decisions, enabling potential indirect prompt injection.