nudocs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md workflow explicitly calls nudocs pull from the external service https://nudocs.ai and says the agent "reads the downloaded file" and returns what changed, which means the agent ingests and interprets user-editable, third-party content from Nudocs (a public collaborative editing platform) that could contain instructions influencing subsequent behavior.