airbyte-sdk-reference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The docs and examples (e.g., claude-sdk.md and pydantic-ai.md) show the agent calling typed connectors (connector.execute(), list_entities(), etc.) to read Jira/Slack/Stripe data and then act on it (e.g., "Find open bugs in Jira and post a summary to #engineering"), which clearly ingests untrusted/user-generated third‑party content that can influence subsequent tool use and decisions.