obsidian-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and references/advanced-workflows.md explicitly describe ingesting and processing external web clippings and full articles (see "Web clippings → Obsidian" and "Layer 0: Source capture — Full article"), meaning agents/plugins implementing /process-inbox and progressive summarization would read untrusted third‑party content that could influence subsequent actions.