blog-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly requires reviewing and incorporating "research materials, links, or notes" provided by the user (see "Phase 1: Gather Information" and "Core Responsibilities: Incorporate Research" in SKILL.md), which means the agent will fetch and interpret arbitrary user-supplied third-party URLs/content as part of its writing process and that content can materially change outputs—exposing it to indirect prompt injection.