wikipedia-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses open, user-generated Wikipedia content via the MediaWiki API (see scripts/wikipedia_client.py and references/api_reference.md) and ingests article wikitext/HTML and external URLs (see scripts/citation_extractor.py and scripts/source_verifier.py), so the agent will read and interpret untrusted third-party content that could carry indirect prompt-injection vectors.