agno

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reference docs and examples (e.g., references/agents.md showing knowledge.insert(url="https://docs.agno.com/introduction.md") and the knowledge/tools references listing web readers and web/search toolkits like Firecrawl, Crawl4AI, DuckDuckGo/Google) show the agent fetching and ingesting arbitrary public URLs and search results which the agent is expected to read and use to drive decisions and tool calls, exposing it to untrusted third‑party content that could contain indirect prompt injections.