adk-deploy-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's event-driven documentation (references/event-driven.md) defines Cloud Run endpoints for Pub/Sub, Eventarc, and BigQuery triggers that decode external payloads and call _run_agent / run_async with that text, meaning arbitrary/untrusted third-party messages are ingested and can directly influence agent behavior.