langgraph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Basic Agent Graph" example defines a search tool ("Search the web for information") and shows a ToolNode + LLM loop where the agent consumes tool outputs (web results) and uses them to decide routing/next actions, which clearly ingests untrusted public web content that could supply instructions.