vault-capture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Workflow step 1 explicitly instructs the agent to fetch and parse arbitrary web pages via "defuddle parse " and then uses that extracted, user-provided third‑party content to generate summaries, decide folder names, and write files into the vault—meaning untrusted web content can materially influence the agent's actions.