api-cms-sanity

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill performs runtime reads of external Sanity content (public reads with useCdn: true and authenticated/preview reads) via client.fetch and client.listen as shown in SKILL.md and examples/core.md/examples/mutations.md, meaning it ingests third‑party (potentially user-generated/public) content that the agent is expected to interpret and that can influence subsequent actions (and the docs even warn about GROQ injection).