arcgis-portal-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly loads and queries ArcGIS Portal items and group content (e.g., new Portal()/portal.queryItems, PortalItem.load, and loading WebMap/WebScene JSON from https://www.arcgis.com and other portal URLs) and then programmatically reads and applies that content (slides.applyTo, bookmark-driven layer filters, layer URLs), which exposes the agent to untrusted user-generated portal/web content that can materially influence behavior.