power-query-m

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and references/m-patterns-cookbook explicitly show runtime patterns that fetch and parse arbitrary public URLs (e.g., Web.Contents/Web.Page examples, the dynamic BaseUrl/GetPage pagination patterns, and MyConnector.Contents = (url) => Web.Contents(url)), so the agent would ingest untrusted third-party web content that can influence parsing and follow-up actions.