obsidian-templater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly exposes web-fetching like tp.web.request(url, path?) and recommends fetching the project's raw GitHub Markdown base URL (and also exposes tp.web.daily_quote / tp.web.random_picture), so the agent is expected to fetch and interpret arbitrary public web content as part of its workflow, which could enable indirect prompt injection.