microsoft-foundry

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes an "Agent with Web Search" example (see language/python.md / "Agent with Web Search" using BingGroundingToolDefinition and instructions to "search the web" and "Always provide sources"), which causes the agent to fetch and read public web content (untrusted third-party content) as part of its workflow, enabling potential indirect prompt injection.