Convex Agents RAG

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary user-provided documents via rag.addContent into namespaces like user:{userId} and then uses rag.search to return that context (context.text) which is concatenated into prompts passed to thread.generateText, meaning untrusted third-party/user-generated content is read and interpreted as part of the agent workflow.