content-ideas-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 1 "Collect reference material" explicitly accepts URLs and says "If the user provides a URL, use web_fetch to retrieve the content," meaning the agent will fetch and read arbitrary public web content (newsletters, articles, transcripts) and use it to drive its analysis and post-generation, exposing it to untrusted third-party input that can influence behavior.