inngest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill’s AI Pipeline example (references/patterns.md) explicitly fetches and extracts text from event.data.fileUrl (extractTextFromPDF) and then chunks/embeds that content, which means the agent ingests and interprets untrusted, user-provided documents/URLs as part of its workflow.