openbb-app-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reference-analysis flow explicitly accepts and auto-analyzes external codebases and URLs (e.g., "URLs to GitHub repos, Streamlit Cloud, HuggingFace Spaces" in references/APP-INTERVIEW.md and support for web scraping/source URLs), so the agent will fetch and interpret untrusted third-party content as part of its workflow.