langfuse-extraction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill calls the Langfuse Cloud API (cloud.langfuse.com) via langfuse.api.trace.list and trace.get (see scripts/extract_traces.py and SKILL.md/reference files) to ingest traces and observation fields (obs.input, obs.output, metadata) that are user-generated/untrusted and are read and processed as part of the workflow, so third-party content could carry instructions that influence analysis or next actions.