DeepReader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill automatically extracts URLs from user messages (SKILL.md and init.py "Triggers automatically when any message contains https://"), then directly fetches and ingests public, user-generated content from X/Twitter (parsers/twitter.py), Reddit (.json in parsers/reddit.py), YouTube transcripts (parsers/youtube.py), and any webpage via trafilatura/BeautifulSoup (parsers/generic.py) into agent memory, so untrusted third‑party content can be read and materially influence agent actions (including NotebookLM integration).