kavak-documentation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow's "Complement if Needed" step explicitly instructs the agent to use external sources ("Context7 for external library docs" and "Web search for general patterns") and the references include public URLs (e.g., gitlab.com, example.com, developer-portal.prd.kavak.io), which means the agent is expected to fetch and interpret untrusted third-party web content that could influence decisions and actions.