vector-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests arbitrary user-provided documents via the /rag/upload route and stores them as document_chunks/DocumentSource (source_uri), which the RAG pipeline and hybrid_search read and use to influence search results and downstream behavior—allowing untrusted third-party content to indirectly inject instructions.