naver-blog-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow and scripts (naver_search.py, naver_read.py, naver_download_images.py and SKILL.md) explicitly fetch and parse public, user-generated Naver blog pages and search results (search.naver.com, m.blog.naver.com) and CDN images (blogfiles.naver.net, postfiles.pstatic.net), and the agent is expected to read/interpret those blog post contents and use them to summarize or drive downloads, which could allow indirect prompt-injection from untrusted third-party content.