python-sdk-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to scrape and ingest arbitrary public web pages and social/social-media/forum content (e.g., client.scrape_url in "Pattern 1: Web Scraping" and the platform-specific scrapers for LinkedIn/Reddit/Instagram/YouTube, plus SERP and datasets examples), meaning untrusted third-party content is fetched and returned into the agent's workflow where it could influence subsequent actions.