designing-genai-patterns

Warn

Audited by Snyk on Mar 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs ingesting and indexing open/public content for RAG and agent workflows (web crawlers, CommonCrawl, public websites, PDFs, etc.); see the RAG sections of INSTRUCTIONS.md, references/RAG-DATA-LOADING.md and references/OPS-DATA-ENGINEERING.md. Agents are expected to read and act on those untrusted documents (e.g., the Tool Calling section of references/AGENTIC-SYSTEMS.md warns of prompt injection), so third-party content can materially influence tool use and decisions.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 29, 2026, 11:13 PM
Issues: 1