motherduck-explore

Warn

Audited by Snyk on Apr 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's Exploration Playbook explicitly instructs listing and attaching shared databases (e.g., "FROM MD_INFORMATION_SCHEMA.SHARED_WITH_ME" and "ATTACH '<share_url>' AS shared_db;") and then previewing/querying their rows and comments, which causes the agent to fetch and interpret content from potentially untrusted, user-provided shares.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 26, 2026, 06:23 AM
Issues: 1