spice-data-connector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly supports connectors that fetch and ingest open web and user-generated content — e.g., github:github.com/... (GitHub issues), https:// URLs, S3/HTTP object stores and document file connectors that produce a content column — meaning the agent will read and act on untrusted third-party content as part of its workflow.