outline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill makes API calls to external Outline wiki instances (see scripts/outline.py and the README API endpoints like POST /documents.search and POST /documents.info) to fetch user-generated wiki documents and returns document text for the agent to read, which could contain untrusted instructions capable of influencing subsequent actions.