mintlify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs a research sub-agent to fetch and parse open/public Mintlify documentation (e.g., https://www.mintlify.com/docs/llms.txt and https://www.mintlify.com/docs/{path}.md) and to use that content to drive its responses and actions, which exposes the agent to third‑party web content that could carry indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the research sub-agent at runtime to fetch https://www.mintlify.com/docs/llms.txt (and then multiple https://www.mintlify.com/docs/{path}.md pages) and inject those remote documents into the agent's context to drive answers, so external content is fetched during runtime and directly controls prompts.