axiom-health

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs ingesting and parsing third-party clinical FHIR data (see skills/clinical-and-mobility.md and the parse(resource: HKFHIRResource) example, which references HKFHIRResource.data and sourceURL) — these are provider/user‑supplied, untrusted payloads that the agent is expected to read and that can materially affect behavior (displaying clinical event dates, parsing fields, etc.).