eino-component

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports loading web pages via the URL loader (reference/document/pipeline.md with example loader.Load(ctx, document.Source{URI: "https://example.com/page"})) and includes web/search/HTTP/browser tools (reference/tool/*) that fetch arbitrary public URLs/search results, so the agent ingests untrusted third‑party content which can be read and used to influence retrieval, tool calls, and subsequent actions.