pubfi-dsl-server-contract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's POST /v1/dsl/query endpoint executes queries against OpenSearch and returns document fields and aggregation results (documents, titles, tag_slugs, sources) which are untrusted third‑party content the agent is expected to read and interpret.