obsidian-templater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md documents built-in tp.web functions (e.g., tp.web.request(url, ...), tp.web.daily_quote(), tp.web.random_picture()) and shows using them (see the "Built-in Templater modules" section and the "Daily note" example), which fetch arbitrary public web content/JSON that templates can read and then act on via JS blocks (async <%* %>) and file operations—exposing the agent to untrusted third‑party content that could influence behavior.