ship-learn-next

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and analyzes arbitrary user-provided learning content (e.g., "Read the file the user provides (transcript, article, notes)" and "Transform learning content (like YouTube transcripts, articles, tutorials)"), which are open/public third‑party or user‑generated sources that the agent will read and interpret as part of its workflow, enabling indirect prompt injection.