genai-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly demonstrates and instructs using tools that fetch and ingest arbitrary public URLs and web search results (e.g., the Url Context example in references/structured_and_tools.md, the Search Grounding example in the same file, and the YouTube URL example in references/text_and_multimodal.md), which means the agent will read untrusted, user-provided third‑party content and can use it to influence subsequent actions.