typeform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs using the Typeform Responses and file-download endpoints (e.g., "curl ... /forms//responses" and the /files/ download URL) to retrieve user-submitted form responses and uploads, which are third-party user-generated content the agent would ingest and could contain instructions enabling indirect prompt injection.