context-engineering-collection

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The repository explicitly instructs agents to ingest and act on open/public web content — e.g., the README's "x-to-book-system" example that "monitors X accounts and generates daily synthesized books" and the docs/SKILL.md text describing agents reading web pages/tool results (preserving URLs and storing full page contents) which are user-generated and used to drive agent decisions — creating clear exposure to untrusted third‑party content.