idml

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and processes arbitrary, user-supplied IDML files—for example scripts/extract_story_text.py, scripts/apply_story_text.py, scripts/observe_idml_schema.py and scripts/validate_observed_schema.py read Stories/*.xml Content nodes and other Resources from provided .idml or unpacked directories—so it will read untrusted third-party text that could carry indirect prompt-injection content.