langchain-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows use of web search and external content ingestion (e.g., load_tools(["serpapi", ...]) in the Quick Start and search-oriented agent types like "Self-Ask with Search", plus generic "Document Loaders" that can pull from public sources), so the agent may fetch and read untrusted public/web user-generated content during its workflow.