langsmith-dataset

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill uses the LangSmith API (see fetch_traces_with_data calling client.list_runs in scripts/generate_datasets.py and scripts/query_datasets.py) and extracts user/model messages and retrieved documents (e.g., find_retrieval_data reading run.outputs["documents"]/page_content), so it ingests untrusted, user-generated third‑party trace/content that the agent reads as part of dataset generation.