digital-archive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The ArchiveWorkflow clearly scrapes and ingests open web and social-media content (see the architecture "Web Scraping / Social Media" and ArchiveWorkflow.process_url which calls self.scraper.fetch(url)) and then the pipeline reads that untrusted user-generated text with the AI categorizer and entity extractor, exposing the agent to indirect prompt injection.