faion-ml-engineer

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly retrieves public web content through web_search and web-agent routing (e.g., agentic-rag/examples.md and the Corrective RAG workflow, where web_search calls tavily_search.search, plus numerous prompts and templates that route queries to "web_search"). Untrusted third-party webpages are therefore fetched and fed directly into retrieval, grading and generation steps that can change agent actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 04:32 PM