laws-of-taste

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "critique what is actually there" when "the user shares a mockup, screenshot, component, repo, URL, or codebase" (SKILL.md — "How to respond"), which requires ingesting and interpreting user-supplied/untrusted third-party URLs or artifacts that can materially influence its recommendations and next actions, creating a risk of indirect prompt injection.