a2a-protocol

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's client workflows explicitly fetch Agent Cards and communicate with remote agents via URLs (e.g., A2AClient.get_client_from_agent_card_url("https://.../.well-known/agent.json") and subsequent send_message usage), meaning the agent ingests and acts on untrusted third-party agent-provided content that can materially influence decisions and follow-up actions.