ai-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly lists web scraping and document processing ("Document processing: PDF extraction, web scraping, API integrations") and web browsing/search capabilities (under "Agent Frameworks & Orchestration" and the example "Build an AI agent that can browse the web and perform research tasks"), so it will ingest and act on untrusted public web content that could carry indirect prompt-injection instructions.