google-cloud-agent-sdk-master

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's references/SKILL.full.md (and the allowed-tools list) explicitly show use of WebSearch/WebFetch, a web_search_tool, and VectorSearchTool that retrieve public GitHub/docs and other web content (e.g., ADK docs, Agent Starter Pack) which the agent ingests and uses to influence generation and actions, exposing it to untrusted third-party content that could contain indirect prompt injection.