data-cloud-2025

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and indexes untrusted public/user-generated sources (e.g., "Social media content", "Web content", and external documents from S3/Azure/Google Drive" in the "Data Cloud Vector Database" section) and the SemanticSearchService / Agentforce actions read and return that content at runtime, creating a clear path for indirect prompt injection.