embedding-pipeline-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's WebLoader (pipeline/web-loader.ts) fetches and parses arbitrary public web pages and sitemaps (via loadUrl and loadSitemap) and the pipeline.ingestUrl flow ingests that untrusted, user-generated third‑party content for preprocessing, chunking, and embedding, so the agent will read and interpret external web content that could contain indirect prompt injection.