findall-openapi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly returns candidates with citation URLs and excerpts via endpoints like GET /v1beta/findall/runs/{findall_id}/result and streams candidate events via GET /v1beta/findall/runs/{findall_id}/events, and it supports external MCP server URLs for enrichment—indicating the agent will ingest and read untrusted public third-party content (arbitrary URLs/excerpts) as part of its workflow.