blog-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs the agent to "Research topic using web-search-researcher agent" (SKILL.md, Workflow step 3) and the AEO/Resources require 5+ external citations from public sites (resources/aeo-requirements.md), meaning the agent will fetch and interpret untrusted public web content as part of its drafting process, enabling indirect prompt injection.