daily-briefing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill clearly ingests and summarizes untrusted third‑party content — e.g., "Twitter highlights" pulled from items, Exa searches for Substack/news, WebSearch for weather, and public APIs like CoinGecko — which the agent is expected to read and include in the briefing, creating a surface for indirect prompt injection.