cursor-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly allows adding external docs via "@Docs -> Add URL" and tagging docs/files for context, meaning the agent fetches and ingests arbitrary public URLs or third‑party documents as part of its workflow, exposing it to untrusted content that could carry indirect prompt injections.