llamaindex

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's docs and examples show ingesters that load open web pages and public repos (e.g., SimpleWebPageReader/BeautifulSoupWebReader loading https://example.com and docs.python.org, GithubRepositoryReader), plus LlamaHub connectors for social sites (Slack/Discord/Twitter), and those ingested third‑party/user‑generated contents are read by query engines/agents as part of normal workflows, enabling indirect prompt injection.