best-practices

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill fetches a SharePoint file at runtime (example site URL shown: https://contoso.sharepoint.com/sites/Internal/Shared%20Documents/Glossary/acronyms.txt) via a KnowledgeSource and injects the CSV content into Global.Glossary which is then placed into agent instructions, so external content directly controls the orchestrator prompt.