javascript-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill docs show agents explicitly using web search and browsing/external URLs—e.g., the RAG pattern with a search tool (references/agent-patterns.md), internalTools().webSearch(true) (references/tool-builder.md), browser automation that navigates public sites (references/sessions.md), and “Working with URLs” for input files (references/files.md)—which cause the agent to fetch and interpret untrusted public web/user-generated content that can influence subsequent tool calls and decisions.