ms-customer-stories

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly queries and scrapes public pages from the Microsoft Customer Stories site (search via scripts/search_stories.py POST to https://www.microsoft.com/msstoreapiprod/api/customerstoriessearch and page fetches via scripts/fetch_story.py GET from https://www.microsoft.com/en/customers/story/...), then parses and summarizes that content as part of its core workflow, exposing the agent to untrusted public web content that could influence its outputs.