langsmith-trace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI and docs (SKILL.md and scripts/query_traces.py / scripts/query_traces.ts) call the LangSmith Client (client.list_runs / client.read_run) to fetch traces/runs and explicitly expose run.inputs and run.outputs via --include-io / --full and traces export/get, meaning it ingests untrusted, user-generated trace content from the third-party LangSmith service that could contain instructions affecting downstream analysis or dataset generation.