adaptyv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly fetches and ingests data from the public Adaptyv API (base URL https://kq5jp7qj7wdqklhsxmovkzn4l40obksv.lambda-url.eu-central-1.on.aws) — e.g., GET /experiments/{experiment_id}/results and the returned download_urls in reference/examples.md and reference/api_reference.md — and the agent is expected to parse those results and download files which directly influence downstream selection, ranking, and pipeline actions, so untrusted third-party content could alter behavior.