vectorize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md RAG pipeline example explicitly builds a system prompt from results returned by env.SEARCH_INDEX.query (using match.metadata?.text and metadata like urls) — content that can come from arbitrary/public/user-provided documents stored in the index — so untrusted third‑party text could be injected into the model context and influence behavior.