azure-ai-document-intelligence-ts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows Analyze Document (URL) and related examples that pass arbitrary urlSource/documentUrl values (e.g., "Analyze Document (URL)", "Extract Invoice/Receipt", "Classify Document") so the agent fetches and ingests untrusted public URLs for analysis, which could contain instructions that influence subsequent decisions.