vercel-ai-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's docs and workflows explicitly show forwarding and consuming web sources and external resources (e.g., references/Chatbot.md — "sendSources: true" which exposes provider source-url web pages like Perplexity/Google, and SKILL.md / references mentioning MCP clients and dynamic/custom providers/tools that ingest external web resources), so untrusted public web content is read and integrated into model responses and tool-calling flows and can therefore influence subsequent actions.