spaces-storage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly accepts and exposes arbitrary user-generated files via DigitalOcean Spaces and CDN (see the FileUpload client, the FastAPI /upload endpoint, and functions like downloadFile, listFiles, getPresignedDownloadUrl which return or fetch public CDN/Spaces URLs), so the agent could retrieve and interpret untrusted third‑party content.