add-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's "URL Content Archival" and RULE.md execution steps (e.g., "When user provides URL" and Example 2) instruct the agent to WebFetch arbitrary user-provided web URLs and extract/convert their content, so it ingests untrusted third-party web content that could contain indirect prompt injections.