grovebook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes cells that fetch and parse external/untrusted data (e.g., the reactive-variable example using fetch("https://api.example.com/data"), the Game of Thrones loader which reads CSVs via gxr.files.get('Characters.csv'), and Inputs.file/Inputs.url inputs), so the agent can ingest and interpret arbitrary third-party or user-provided content at runtime.