ai-provider-google-gemini-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly demonstrates fetching and ingesting external HTTP URLs and web content (e.g., examples/multimodal.md "External URL (Gemini 3+ Only)" with createPartFromUri("https://...") and examples/tools.md which uses the built-in Google Search tool), so the agent will read untrusted public web/forum/URL content that can influence its actions.