blog-draft

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Execution Flow (Step 1 and Notes in SKILL.md) requires fetching and summarizing provided URLs and performing web searches ("For each provided resource: URLs: Fetch and save key information..." and "Use web search for up-to-date information"), which means the agent ingests open/public, potentially user-generated third-party content and uses it to drive research, outline, drafting, citations, and next actions.