collector-hand-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's agent explicitly performs web_search and web_fetch in Phase 3 of the system_prompt/HAND.toml to gather open-source material (including blogs, forums, social media and other community/anonymous sources listed in "Source Categories" and collection heuristics) and then reads and ingests that untrusted third‑party content to extract entities, update the knowledge graph, and trigger alerts—exposing it to indirect prompt injection.