front-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and rules/endpoints.md explicitly instruct fetching full message bodies and attachments via the Front API (e.g., GET /messages/{id}, GET /conversations/{id}/messages and GET /download/{attachment_link_id}), which means the agent will ingest user-generated/untrusted message and knowledge-base content from third-party sources that could contain instructions influencing its behavior.