flowerpower

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests arbitrary external data as part of its pipelines (e.g., list_s3_files/read_s3_file using fsspec to read S3/GCS/parquet files from config-provided URIs and fetch_external_api which calls external HTTP APIs), so untrusted third-party or user-provided content will be read and interpreted at runtime.