libraria

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly lists an "Add Document" action that can add documents "via URL scraping" (Popular actions table) and a "Query Library" action that returns AI-powered responses based on those documents, meaning the agent may fetch and interpret arbitrary public web content that could contain untrusted instructions.