flowio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill parses arbitrary, user-supplied FCS files (e.g., via FlowData('sample.fcs'), read_multiple_data_sets(), and accessing flow.text/flow.analysis) and thus ingests untrusted third-party content (TEXT/DATA/ANALYSIS segments) that the agent will read and interpret.