setup
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's setup and runtime docs (SKILL.md and reference files such as references/ag-ui.md, references/langgraph.md, references/a2a.md and references/custom-backend.md) explicitly instruct fetching from or connecting to external URLs, e.g. --preset in SKILL.md, HttpAgent.url / NEXT_PUBLIC_AGUI_AGENT_URL, the LangGraph Client apiUrl, and fetch-based stream endpoints. The runtime parses the events and tool-call payloads streamed from those endpoints, and they can directly drive tool calls and agent behavior, so untrusted third-party content can materially influence actions.
Audit Metadata