knowledge-ingestion-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Pattern 4: Websites / Web Content" includes chunk_webpage(url) and crawl_site(start_url) which use httpx to fetch and parse arbitrary public URLs, clearly ingesting untrusted third-party web content for the agent to read and chunk.