notebook-lm-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Document Ingestion explicitly accepts "web pages" and common text formats (and Google Docs) and then analyzes those multi-source, potentially public/user-generated documents as part of its workflow, exposing the agent to untrusted third‑party content from the open web.