neo4j-import-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly includes fetching and ingesting external, potentially untrusted sources (e.g., apoc.load.json('https://api.example.com/persons'), cloud storage schemes s3://, gs://, https:// for neo4j-admin --schema, and apoc.load.csv/json examples) and then directly driving Cypher write workflows (CALL (... ) IN TRANSACTIONS / driver batch writes), so third‑party content can be read and materially influence actions.