hn-title

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Using This Skill / Phase 1) explicitly asks for "a link to your blog post" and states it will "read the blog post" and "analyze your content," which means the agent is expected to fetch and interpret arbitrary public user-generated web content that could contain injected instructions.