Media

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Essay workflow (Art/Workflows/Essay.md) mandates "deeply read the full blog post, essay, or input material" and explicitly requires running the CSE-24 step with "/cse [paste the content or URL]" — which instructs the agent to ingest arbitrary external URLs/content and use the extracted narrative to drive prompt construction and generation, exposing the agent to untrusted third‑party content that can influence actions.