Langsmith Traces

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's CLI and scripts (scripts/query_traces.py and scripts/query_traces.ts, and SKILL.md) call the LangSmith API via Client.list_runs to fetch traces and (with --include-io or --full) retrieve inputs/outputs from traces—which are user-generated/untrusted content—and the tool prints/exports that data (e.g., traces export --full for dataset generation), so third-party content is ingested and can materially influence subsequent actions.