writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes and ingests external blogs and social media (e.g., bun scripts/extract-blog-samples.js with arbitrary URLs and extract-social-samples.js that navigates LinkedIn/X via the browser-control scripts) and then reads/analyzes those user-generated public posts as part of voice-profile creation, so it consumes untrusted third-party content that could carry indirect prompt injection.