azure-ai-projects-py

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and workflow (SKILL.md and references/tools.md, e.g., the BingGroundingTool/WebSearchTool and BrowserAutomationPreviewTool examples) show agents performing real-time web searches and opening web pages (public third-party content) which the agent is expected to read and use to drive tool calls and responses, exposing it to untrusted, user-generated web content that could inject instructions.