ai-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The documentation explicitly describes agents and tools that fetch and ingest open web content (e.g., the "Tools" and "Toolsets" pages listing web-search and browser automation tools like @exalabs/ai-sdk, @parallel-web/ai-sdk-tools, Apify/Browserbase, MCPs, and the "Custom Download Function"/file URL examples in "Prompts") and describes RAG workflows that inject retrieved public documents into prompts, so untrusted third‑party content can be read and influence agent actions.