content-planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's references.md explicitly instructs the agent to "Use WebSearch/WebFetch to load these references when needed for content planning tasks" and lists public URLs/search queries (e.g., HubSpot, Instagram, TikTok, Sprout Social), so the agent will fetch and interpret untrusted public web content as part of its workflow which can materially influence scheduling and task decisions.