langchain-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly loads web-search tools (e.g., load_tools(["serpapi", ...]) in the Quick Start) and describes document loaders/retrievers for external sources, meaning the agent can fetch and ingest untrusted public web/social content (SerpAPI/search results) that could contain indirect prompt injections.