content-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI and workflow explicitly instruct fetching and analyzing published content from arbitrary URLs (see "CLI Integration" examples like node .claude/tools/cli/post-analyzer.cjs --url "https://example.com/post\" and the "Use when analyzing published blog post, article, or social media post" guidance), which requires ingesting untrusted public/user-generated web content that the agent reads and uses to drive analysis and downstream decisions.