remnote-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads user-generated RemNote content (e.g., via read-rem, read-tree, read-context, read-globe and search) as required in SKILL.md and the instruction files (e.g., instructions/read-tree.md, instructions/read-rem.md, instructions/read-context.md), so untrusted third-party content from RemNote is ingested and can materially influence subsequent edits and actions.