ultrabrain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows explicitly accept and process raw source files (including entries with "source: url" and web-clipped articles) and the ingest procedure reads those raw files and integrates their content into the wiki (see references/operations.md capture steps and references/agents-template.md "Operation: Ingest" which names articles/papers/images as raw sources), so the agent will read and act on arbitrary third‑party/user‑provided web content that could carry indirect prompt injections.