xlsx

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "External Data in Excel" and other sections explicitly allow and instruct using externally fetched data (e.g., "datasource, web_search, API calls" and examples like Yahoo Finance/World Bank) and require the agent to ingest and cite that public third-party content into the generated .xlsx, so the agent would read/interpret untrusted web-sourced data as part of its workflow.