database-schema-designer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and stores arbitrary third-party web content (see the analyses table's url and raw_content fields, analysis_chunks/snippet and content_sections, and associated embeddings/artifacts) which the agent reads and processes for semantic/full-text search and agent outputs, exposing it to untrusted user-generated content and indirect prompt injection risk.