langchain-components

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required examples and workflows explicitly show agents loading and ingesting public web and social content (e.g., the "RAG with Retrieval" example uses WebBaseLoader("https://example.com").load() and the Deep Agents "research agent" uses an internet_search/TavilyClient with include_raw_content=True), so untrusted third‑party text is read and can directly influence tool calls and agent decisions.