project-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly prescribes an "acquire → prepare → process → parse → render" pipeline where "Acquire" fetches raw data from sources (APIs, files, databases) and Example 1 describes fetching and analyzing 930 Hacker News discussions (public, user-generated content), meaning the agent is expected to ingest and act on untrusted third‑party web/forum content.