datocms-cma

Warn

Audited by Snyk on May 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly ingests untrusted third‑party content — e.g., asset uploads from arbitrary URLs via client.uploads.createFromUrl (references/migration-patterns.md / references/uploads.md) and reading structured text from the CMS for LLM-driven edits (references/editing-records.md shows "LLM / regex / diff-merge on text"), so public/web or user-generated content can be fetched and then used to drive subsequent actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 6, 2026, 05:43 AM
Issues: 1