milan-jovanovic-blog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly scrapes and ingests public blog content from Milan Jovanovic's website (see the /milan-jovanovic:scrape-posts command, scripts/core/find_articles.py, and stored canonical content with source_url fields), and the agent is expected to read/interpret those publicly fetched articles as part of its search/get_article_content workflow, exposing it to untrusted third‑party content.