arize-prompt-optimization

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md instructs the agent to export and parse production traces, datasets, and experiment runs (e.g., via "ax spans export --trace-id TRACE_ID", "ax datasets export DATASET_ID", "ax experiments export EXPERIMENT_ID") and to read fields like prompt text, eval_explanations, and outputs—i.e., it ingests arbitrary user-generated/untrusted trace and dataset content which the meta-prompt uses to change prompts and drive next actions.