generate-note-ideas

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The orchestrator explicitly web-fetches public, user-generated content—YouTube video transcripts and top comments (Step 1), Substack archive/issues and Notes feed (Step 2), and web-trend search results (Step 3)—and passes that untrusted material into content-strategy:ideate (Step 4) to drive idea generation and subsequent actions, which could allow indirect prompt injection.