amazon-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The required runtime workflow can ingest outsider-authored free text from Amazon pages fetched at runtime (e.g., @reduck/amazon.com/search-products, get-product, list-category, and especially get-product-reviews which returns review body text from non-user authors), which the agent then places into the LLM context for summarization.