langsmith-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly runs the langsmith-fetch CLI against LangSmith Studio (e.g., "langsmith-fetch trace " and "langsmith-fetch threads") to ingest and analyze traces/threads (user-generated third‑party content), which the agent is required to read and use to decide fixes and actions, so untrusted content could carry indirect prompt-instructions.