eval-writer
Warn
Audited by Snyk on Mar 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs downloading external datasets in Pattern C (the vitest.setup.ts example using fetch("https://example.com/dataset.json")) and pulling LangSmith examples in Pattern D (client.listExamples()). Those untrusted or user-curated items are ingested as test cases that drive runner.run and test assertions, so third‑party content can materially influence agent behavior.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata