posterskill-academic-posters

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly says Claude asks for your project website URL (Inputs Claude Uses) and "uses Playwright to download logos from your project website," meaning the agent fetches and ingests arbitrary external webpages (project/conference/author sites) as part of its workflow and could be influenced by their untrusted content.