infographic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow (Step 1: "Extract & Structure Content") and README explicitly instruct the agent to ingest and analyze user-shared articles/tweets (public URLs or user-generated content) so the agent must read/interpret third‑party web/social content to decide layout and content, which could enable indirect prompt injection.