blog-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "Review all provided materials" and to "Incorporate Research" including "research materials, links, or notes provided by the user" (Phase 1 / Core Responsibilities), which means the agent will consume arbitrary user-provided or public URLs and their content, exposing it to untrusted third-party input that could carry indirect prompt injections.