yaak-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (e.g., "yaak -e <environment_id> send <request_id>" and the "Observed behavior" note that non-verbose yaak send prints the response body) instructs the agent to fetch and read HTTP responses from requests defined in the shared Yaak workspace, which are arbitrary/untrusted third-party content that could influence subsequent actions.