project-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Acquire stage and the Case Study (Karpathy's HN Time Capsule) explicitly fetch and parse public web content and user-generated comments (e.g., downloading Hacker News pages via HTTP and comments via the Algolia API), which the agent is expected to read and analyze as part of the pipeline, exposing it to untrusted third-party content and potential indirect prompt injection.