evals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's RAG and grader guidance (see use-cases/rag-agents.md and GRADERS.md) explicitly instructs agents to ingest and pass "sources"/"retrieved_docs" (including “random blogs, forums” as possible sources) into LLM graders (e.g., check_groundedness) and into agent workflows (retriever.search → answer), so untrusted third‑party content is read/interpreted and can materially influence grading and agent behavior.