feature-flags

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's generateResponse function (and the ML model/infra flag code) fetches and returns data from configurable modelVariant.endpoint (and healthEndpoint) URLs, which are arbitrary external endpoints whose responses the agent reads and could contain untrusted, user-provided instructions.