quiz

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches full document content and highlights from Readwise (e.g., mcp__readwise__reader_get_document_details, mcp__readwise__reader_get_document_highlights and list_documents with url) and requires the agent to read and interpret those (potentially public, third‑party) webpages/articles to generate questions and grades, allowing untrusted content to influence behavior.