adk-integrations

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to run live CLI queries (e.g., "Start with CLI commands — Use adk search, adk info, adk list" in SKILL.md) to fetch integration metadata from the Hub and to call the browser integration's actions (e.g., references/common-integrations.md and lifecycle.md show actions.browser.webSearch and browsePages) which scrape arbitrary public web pages, so the agent will ingest untrusted third‑party content that can influence its decisions and tool use.