blog-rewrite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's Phase 2 Research explicitly instructs the agent to search the open web for replacement statistics and to fetch/verify images from public sites (e.g., "Search: [topic] study 2025 2026 data statistics" and "Pixabay: site:pixabay.com... / Unsplash: site:unsplash.com... Verify each URL returns HTTP 200"), meaning it ingests untrusted, user-hosted third‑party content that the agent must read and use to drive rewrites and citation injection.