document-rag-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and processes arbitrary PDF files from a user-specified folder (see build_inventory scanning Path(args.folder) and process_documents calling extract_pdf_text/ocr_pdf) and reads/chunks those documents into the semantic search results, so untrusted third-party or user-provided content could be interpreted by the agent.