memory-lancedb-pro-use

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly auto-captures user-generated conversation text into LanceDB and auto-recalls/injects those memories into agent context (see "What It Does", "auto-capture + smart extraction", and the "before_agent_start"/"agent_end" / SmartExtractor descriptions in SKILL.md and reference files), so untrusted user/third‑party content is ingested and read as part of the workflow and can materially influence agent behavior.