ingest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Articles & Web Content" and "Social Media Content" workflows explicitly fetch arbitrary URLs and social posts ("Fetch content (web_fetch or equivalent)" and "Fetch full content (thread, quote tweets, context)"), then analyze and use that untrusted, user-generated content to update gbrain and to inform responses, so external pages/posts can materially influence agent behavior.