arcgis-map-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly calls public ArcGIS REST endpoints (e.g., the identify URL https://sampleserver6.arcgisonline.com/... , routeUrl https://route-api.arcgis.com/..., and the print service https://utility.arcgisonline.com/...) and parses/acts on returned layer features, directions, and attributes as part of its workflows (opening popups, adding routes, using feature attributes), which exposes the agent to untrusted third‑party content that can influence behavior.