openrouter-typescript-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples (see "Complete Example: Agent with Tools" and the web_search tool definition) explicitly instruct the agent to run a web_search tool and consume search results/URLs (and allow image_url inputs), meaning the agent is expected to ingest open/public web content and external URLs (untrusted third‑party content) as part of its workflow.