blog-02-write-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs "Use parallel subagents to WebSearch the topic," which means it fetches and ingests open/public web content (potentially user-generated/untrusted sources) as part of its research workflow, creating a clear avenue for indirect prompt injection.