google-gemini-embeddings

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's RAG workflow (templates/rag-with-vectorize.ts and related examples) ingests arbitrary user-provided/public documents via the POST /ingest endpoint and then uses the stored Vectorize results' metadata.text as context for LLM generation—so untrusted third‑party content can directly influence generation and subsequent tool actions.