ida-plugin-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to fetch and summarize external public documentation (e.g., "Right now: read this intro guide: https://ida-domain.docs.hex-rays.com/getting_started/index.md" and "You can always ask a subagent to answer a question by exploring the documentation and summarizing its findings"), which requires ingesting open/public third‑party web content that can influence subsequent actions.