triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary saved web documents from the user's Readwise Reader (via mcp__readwise__reader_list_documents and mcp__readwise__reader_get_document_details), and those third‑party pages are read and synthesized to drive pitches and archive/move decisions.