rivetkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md includes a "Workflows" example where tasks contain a url and the worker calls fetch(url) to process that URL (and acts on the result), and the "AI and User-Generated Rivet Actors" guide discusses deploying/running user-provided actor code — both clearly ingest untrusted third-party content (arbitrary URLs and user-generated code) that can influence runtime behavior.