book-to-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill ingests and processes arbitrary user-supplied book files (e.g., ".txt" book files and converted epub/pdf/docx) as part of the convert-book / analyze-book workflows, so untrusted third‑party content provided by users would be read and interpreted by the agent.