log-analytics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and sample documents from user OpenSearch indices (see "Sample Documents" / Phase 2 and the PPL query examples like source=<INDEX_PATTERN> | head 5 and the "Running PPL Queries" steps in log-analytics.md), meaning it ingests arbitrary user-generated/untrusted log content which can materially influence query construction and subsequent actions.