omnivore-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the CLI's omnivore save-url and omnivore get-articles commands interact with the Omnivore API to save and retrieve articles from arbitrary public URLs (e.g., saving external URLs and returning article content/markdown), so the agent will consume untrusted third-party web content that could include instructions influencing subsequent actions.