spice-accelerators

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests external data as part of its runtime (e.g., "snapshots: location: s3://my_bucket/snapshots/" for S3 bootstrap and "caching" for API responses / HTTP endpoints, plus connectors to Postgres, Kafka, Debezium, DynamoDB Streams), so it can read untrusted third-party content that could carry indirect prompt injections.