feed-catchup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly calls mcp__readwise__reader_list_documents and mcp__readwise__reader_get_document_details to ingest RSS/public-website content (including showing short items verbatim) and uses that content to select and act on items, exposing the agent to untrusted third-party instructions.