obsidian-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and searches external user-generated/public content — e.g., Readwise/ (Articles, Books, Tweets) and Snipd/ (podcast transcripts) via search-readwise.py and search-snipd.py and guidance in "When to Read from Vault" — which the agent is expected to read and interpret.