content-refresher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly asks the agent to ingest and analyze external URLs and competitor pages (e.g., "Refresh this article for [current year]: [URL/content]" and sections describing pulling data from analytics / search console / SEO tools and using competitor URLs), which requires fetching and acting on untrusted public third‑party content.