narrative-lion

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and displays user-generated notes/insights from the Narrative Lion API (e.g., the SKILL.md "Before Writing or Updating Prompts" workflow instructs a sub-agent to run "nl.py insights --category prompt --json" and "Read through all returned insights"), and those arbitrary third-party-written insights are intended to be read and used to change prompts/decisions, enabling indirect prompt injection.