note-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and analyzing arbitrary URLs (e.g., "URL (문서) | WebFetch로 내용 분석" in SKILL.md and the templates' source-url fields including "https://..." and "https://youtube.com/..."), so it ingests untrusted public web content which the agent reads and uses to drive note-creation and linking decisions.