writing-evals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's API reference and templates explicitly show dynamic data loading (e.g., data: async () => fetch('https://api.example.com/test-cases') ...) and describe onlineEval operating on live production traffic, so the agent is expected to ingest and act on untrusted, user-provided third‑party content as part of its eval workflow.