exploring-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests arbitrary user-provided datasets from /mnt/user-data/uploads (processed by scripts/analyze.sh into eda_report.json and then summarized by scripts/summarize_insights.py), and Claude reads that generated markdown summary, so untrusted user content can influence the agent's behavior.