arcgis-layers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and AGENTS.md explicitly instruct loading and using external data from public URLs (e.g., GeoJSONLayer url "https://earthquake.usgs.gov/.../all_month.geojson", CSVLayer/ParquetLayer/GeoRSSLayer examples, WebTileLayer urlTemplate and the "Is it a file or URL to raw data?" flow), meaning the agent will fetch and interpret arbitrary third‑party web content as part of its workflow, which can materially influence queries, rendering, and subsequent actions.