ai-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted external content — e.g., analyzeImageWithClaude(imageUrl) passes arbitrary image URLs to Anthropic for analysis and the RAGSystem builds answers from documents indexed/retrieved from Pinecone (see indexDocuments and buildDocumentQA), so third‑party/user‑generated content is read and can directly influence model outputs.