writing-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to ingest and analyze arbitrary user-uploaded files (e.g., the "csv-data-analyzer" example that “When a user uploads a file with .csv extension, proactively run a comprehensive data analysis”) and other workflows that process user-supplied PDFs/CSV, which are untrusted user-generated inputs the agent is expected to read and interpret at runtime, enabling indirect prompt injection.