building-with-llms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes agents ingesting and reading untrusted public/user-generated sources as part of workflows (e.g., "Claude Code... knows how to browse the web" and "download public domain texts" — Dan Shipper, and "took the transcript from the Discord channel... fed it into Gemini" — Tamar Yehoshua), which exposes the agent to third‑party content that could enable indirect prompt injection.