langsmith-trace-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads LangSmith trace JSON (via scripts/download_traces.py using the langsmith-fetch CLI and the LangSmith SDK) and then parses/analyzes trace "messages" in scripts/analyze_traces.py, which are user-generated/untrusted runtime content (prompts, outputs, metadata) that the agent reads and interprets, enabling potential indirect prompt injection.