azure-ai-document-intelligence-ts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main workflow (e.g., "Analyze Document (URL)", "Extract Invoice Fields", and "Classify Document" in SKILL.md) explicitly ingests documents from arbitrary URL sources (body: { urlSource: ... } and containerUrl SAS links), so it reads and acts on untrusted public third‑party content that could influence analysis and downstream decisions.