crisp-reading

Warn

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's "book name" mode explicitly auto-searches and downloads full texts from public third-party libraries (e.g., Gutendex / Project Gutenberg) as documented in SKILL.md and references/ebook-library.md, and those fetched texts are read by Claude and used to drive analysis and subsequent actions, so untrusted public content can directly influence the agent's behavior.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 16, 2026, 03:09 PM
Issues: 1