agent-memory-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md includes a "pending-memories.md" pipeline and queue_external_memory function that explicitly ingests external "source" and "content" (e.g., "web_search") into pending-memories.md and the skill's review_pending_memories / curate_weekly_memories scripts read and incorporate those entries into MEMORY.md, meaning untrusted third-party content is read and can materially influence agent memory and actions.