em-capture-idea

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly fetches and processes public, user-generated web content (tweets, bookmarks, trending/news, and arbitrary URLs) via Bird CLI (e.g., "bird read {url} --json", "bird bookmarks", "bird trending" and the "Captura individual" flow) and then interprets that content to generate summaries, choose items to save/delete, and set tags, so untrusted third‑party content can materially influence agent actions.