blog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's orchestration explicitly spawns a "blog-researcher" agent that "uses WebSearch to find current statistics, competitor content, and SERP analysis" and the Execution Flow step 2 ("Research — Spawn blog-researcher agent for statistics, sources, SERP data") plus multiple references to sourcing from public sites (Pixabay/Unsplash/Pexels, Reddit, YouTube, etc.) show it fetches and ingests untrusted, user-generated or public web content which the agents then use to drive writing, citations, and follow-up actions — enabling indirect prompt injection.