prompt-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly expects ingestion of retrieved third‑party content — e.g., "Example 2: RAG Retrieval Pipeline Prompt" uses {{retrieved_chunks}} and requires the agent to "Answer the user's question using ONLY the provided context", "Example 3: Agent Routing Prompt with Tool Selection" lists a search(query) tool for factual/current-events lookups, and references/rag-architecture-patterns.md §5.2 describes retrieval/context injection patterns — together these show the agent will fetch and act on untrusted public web/user-generated content, enabling indirect prompt injection.