rivetkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — SKILL.md explicitly instructs actors to fetch and process external, potentially user-provided URLs (e.g., the Workflows example with processTask(url) and the workflow fetch calls, the authentication example that POSTs to an external auth provider, and the "AI and User-Generated Rivet Actors" deployment flow), so untrusted third‑party content is ingested at runtime and can materially influence actions and decisions.