azure-ai-formrecognizer-java

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows using client.beginAnalyzeDocumentFromUrl with arbitrary documentUrl/receiptUrl (e.g., "Analyze from URL" examples), which fetches and ingests content from external/public URLs that the agent will parse and act on, enabling untrusted third-party content to influence analysis and subsequent decisions.