langfuse-observability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly fetches user-generated traces, prompts, and outputs from Langfuse (e.g., via scripts like scripts/fetch-traces.ts and scripts/list-prompts.ts using LANGFUSE_HOST), which the agent ingests and interprets—exposing it to untrusted third-party content that could carry indirect prompt injection.