getting-started

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly configures agents to use web search and scraping tools (e.g., SerperDevTool and ScrapeWebsiteTool in "Using Agent.kickoff() Inside Flows" and the Tools Catalog) and shows flow examples that ingest result.raw from those third‑party web sources into downstream agent steps, so untrusted public web content can directly influence agent behavior.