adk-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and processes user-generated content from Botpress Cloud and bot tables (e.g., client.findTableRows on TicketsTable/MessagesTable, client.getAccount(), and Zai extract/summarize calls), so it ingests untrusted third‑party/user content from those sources that could enable indirect prompt injection.