llm-wiki-en

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The ingest operation in SKILL.md explicitly fetches arbitrary URLs ("URL → Fetch and save to raw/articles/") and then reads/extracts that content to create/update wiki pages and drive follow-up actions, so untrusted third‑party pages can materially influence the agent's behavior.