vercel-ai-sdk-knowledge-patch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and references/ai-sdk-4-features.md explicitly show runtime examples that fetch and stream external sources (e.g., createDataStreamResponse writing RAG source entries and the execute example using fetch(url)), meaning the agent can ingest arbitrary public URLs whose content could influence tool calls and subsequent decisions.