filament-pro

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill includes runtime examples that ingest and display untrusted, user-provided content, so an agent following them would read and process arbitrary third-party input (the indirect prompt injection vector). Examples cited:
    - the Import Action, which reads uploaded files (references/actions.md: Excel::import($import, $data['file']));
    - URL actions that open record-provided websites (references/actions.md: Action::make('visit')->url(fn (Post $record) => $record->website));
    - rich text, file and image fields (RichEditor, FileUpload, ImageEntry) that render user-generated content.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 08:14 PM