content-refresher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md (Data Sources and Worked Example sections) explicitly instructs the agent to fetch and use content from public third-party sites (e.g., competitor URLs, provider pages, UptimeRobot public status pages) as part of the refresh workflow, meaning untrusted web content would be read and used to drive decisions and edits.