te-docs
Warn
Audited by Snyk on Apr 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to use pbi-search and fetch documentation from public sites (e.g., https://docs.tabulareditor.com/, https://dax.guide/, https://www.sqlbi.com/, Microsoft Learn, Data Goblins) as part of the "Agent search workflow", so the agent will ingest and act on untrusted, user‑generated or third‑party web content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill explicitly fetches external documentation into the agent context at runtime using the pbi-search CLI (example: "pbi-search fetch https://docs.tabulareditor.com/features/workspace-mode"), which means remote content (https://docs.tabulareditor.com/ and similar sites) can directly influence prompts; pbi-search itself is installed from https://github.com/data-goblin/pbi-search.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).