data-engineering-orchestration

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill includes runtime code that fetches and ingests open third‑party content (e.g., Prefect's unreliable_api_call using requests.get(url), DuckDB/httpfs and Polars reading parquet from s3://... and GCS paths, and dbt examples using aws_s3.table_import_from_s3), so the agent would read arbitrary external/user‑provided data as part of its workflows.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:42 AM