wikidata-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill clearly fetches and parses public, community-contributed Wikidata content (e.g., Action API and Special:EntityData at https://www.wikidata.org, SPARQL via https://query.wikidata.org, and the vector DB at https://wd-vectordb.wmcloud.org) and uses those search results/entity JSON/claims to drive searches, entity selection, and identifier extraction, so untrusted third-party content can influence the agent's decisions and next actions.