spice-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Web Search" section and tool configuration (tools: web / from: websearch with engine: perplexity) explicitly enable web searches that allow the agent to fetch and ingest public third‑party content at runtime, which the model can read and act on.