data-importer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and its references explicitly ingest and interpret external, user-provided data sources (CSV/Excel/Shopify exports) — e.g., "Extract columns", "Show you all columns with sample values" in SKILL.md and references/shopify-format.md — so untrusted third‑party content is read and used to drive mapping, transformations, and downstream actions, creating a clear avenue for indirect prompt injection.