sanity-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill’s migration guide (rules/migration-html-import.md) explicitly fetches and parses external HTML (e.g., fetchWordPressPosts(), htmlToBlocks(post.content)) and downloads external images (uploadImage fetching imageUrl), so the agent is expected to ingest untrusted, user-generated web content and act on it (createOrReplace documents), allowing third‑party content to influence tool actions.