firebase-vertex-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill ingests and uses untrusted, user-generated content from Firestore and callable inputs—specifically in functions/src/vertex/analyze-content.ts and functions/src/vertex/rag-query.ts where document content and user-provided data are fed as context to Gemini/Vertex AI—so those third-party texts can materially influence model behavior and enable indirect prompt injection.