content-tone-adjuster

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill reads local prompt files and the remove-ai-artifacts prompt (skills/content-tone-adjuster/remove-ai-artifacts/prompt.md) explicitly instructs the agent—subject to user confirmation—to perform a web search and ingest content from the open Internet to identify model-stereotyped phrases and then use those findings to guide edits, which exposes the agent to untrusted third‑party content that can influence subsequent actions.