data-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests arbitrary user-uploaded files via the Upload Flow (Web UI) — including PDF/HTML files routed to the data-base processor for text extraction/scraping — so the agent will read and interpret untrusted, user-provided third-party content.