jb-markit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly shows using markit on public URLs (e.g., "markit https://example.com/article", Wikipedia, GitHub, gists, and "general URLs") which means the agent fetches and converts untrusted, user-generated third-party web content into markdown that the agent will read/parse as part of its workflow, enabling indirect prompt injection.