generate-writeup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests content from open/public sources (Step 1: slides can be arbitrary PDF/PPTX/OneDrive/RevealJS URLs fetched via fetch_slides.py; Step 3: transcripts extracted from YouTube) and then reads SLIDES_HTML_CONTENT (RevealJS) and transcripts as core inputs that directly influence the generated write-up, so untrusted third-party content can affect agent behavior.