investigating-metric-anomalies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s runtime workflow ingests outsider-authored free text via query-logs (and potentially query-apm-spans), because log lines are authored by external systems/users and are fetched at runtime and then provided to the agent/LLM as readable text.