nby-notion-reading-notes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads user-generated Notion page content via the Notion REST API (Round 2 "List Inbox children" / "Read Article Content") and may fetch arbitrary external webpages via Jina WebFetch (Round 2.5: https://r.jina.ai/{LINK_URL}), and that untrusted content is parsed and used to generate notes and drive actions (append notes and move pages), so it can enable indirect prompt injection.