logfire

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill documents instrumentation of HTTP clients (references/integrations.md: HTTPX/requests/aiohttp) and LLM integrations (e.g., instrument_pydantic_ai) and explicitly mentions "automatic request/response spans" and tracing agent interactions, which means it can capture and display arbitrary responses or user-generated content from open third‑party URLs as part of its runtime workflow.