hn-extract

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly scrapes linked article pages with trafilatura and fetches Hacker News story metadata/comments from the public https://hn.algolia.com/api/v1/items/, and the mandatory workflow requires uploading that generated markdown for the agent to optionally summarize, so untrusted user-generated web content is ingested and can influence agent actions.