langsmith-trace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/query_traces.py) call langsmith.Client.list_runs to fetch traces from the LangSmith service and can include run "inputs" and "outputs" (via --include-io/--full), which may contain arbitrary/untrusted user-generated or third-party content that the agent will read and display.