blog-write

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 "Research" workflow explicitly instructs the agent to perform web searches and ingest content from open/public sites (e.g., search results and user-generated image platforms like Pixabay/Unsplash/Pexels, extracting image URLs and statistics), which the agent will read and use to shape statistics, charts, citations, and writing — creating clear exposure to untrusted third-party content that can influence actions.