newsletter-signal-scanner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly fetches and parses incoming newsletter emails from public third-party sources via the AgentMail inbox (see "Phase 1: Scan Inbox" and "Phase 5: Setup — Subscribe to Newsletters"), and those untrusted newsletter contents are read, interpreted, and used to drive signal extraction and recommended actions, enabling indirect prompt-injection risks.