wikipedia-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public, user-editable Wikipedia content via the Wikipedia MCP calls shown in SKILL.md (e.g., get_content, get_summary, search_pages), and the workflow instructs the agent to read and use that content to inform decisions and downstream actions, creating clear potential for indirect prompt injection.