hugo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's templates explicitly allow fetching and rendering arbitrary remote data (see references/asset-pipeline.md: resources.GetRemote "https://api.example.com/data.json") and reference social/embed shortcodes (YouTube, Twitter, Instagram, Gist), which means the agent can read and interpret untrusted, user-generated third-party content.