docs: refresh untrusted file wrapper refs

2026-04-27 00:17:29 +00:00 · 2026-04-04 19:39:09 +01:00
parent eaef4ee1b1
commit b1279b0db3
4 changed files with 21 additions and 1 deletions
--- a/docs/help/faq.md
+++ b/docs/help/faq.md
@@ -2998,6 +2998,9 @@ Related: [/concepts/oauth](/concepts/oauth) (OAuth flows, token storage, multi-a

    - using a read-only or tool-disabled "reader" agent to summarize untrusted content
    - keeping `web_search` / `web_fetch` / `browser` off for tool-enabled agents
+    - treating decoded file/document text as untrusted too: OpenResponses
+      `input_file` and media-attachment extraction both wrap extracted text in
+      explicit external-content boundary markers instead of passing raw file text
    - sandboxing and strict tool allowlists

    Details: [Security](/gateway/security).