ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill includes runtime APIs that fetch and ingest external web content — notably ai.mcp.get_http_tools("https://mcp.example.com/mcp", ...) which loads remote tool definitions and ai.user_message(..., ai.file_part(url)) which can reference arbitrary URLs — allowing untrusted third‑party content to influence tool selection and agent actions.