working-with-ms-agent-framework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's DevUI explicitly exposes file uploads (multimodal inputs) and directory discovery/auto-loading of entity code, meaning the agent will ingest and render untrusted user-provided content from users or external files as part of its workflow.