javascript-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows agents performing web searches and ingesting arbitrary public URLs—see the RAG pattern / search tool in references/agent-patterns.md (tavily/search-assistant@latest), the browser-automation examples in references/sessions.md, and the "Working with URLs" section in references/files.md—so the agent will fetch and read untrusted third‑party content.