dotnet-microsoft-extensions-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow and docs (SKILL.md step 6 and references/official-docs/conceptual/data-ingestion.md plus the RAG/quickstart examples in references/examples.md) explicitly instruct building IngestionPipeline/readers that load content from cloud services, web APIs, file repositories and other external sources and then feed that content into RAG and tool-calling flows the model consumes—i.e., untrusted third-party content that can materially influence tool calls and agent behavior.