grimmory-self-hosted-library

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's BookDrop flow and the MetadataService (SKILL.md) explicitly fetch and ingest metadata from public third-party sources (Google Books and Open Library), which the agent reads and applies to update book records and behavior, exposing it to untrusted external content that could influence actions.