newsletter-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs ingesting forwarded newsletters and arbitrary article URLs (e.g., "Digest https://article-url.com", "Forward newsletters to Clawd", "Works with any text content"), so the agent fetches and reads untrusted third-party web/user-generated content that can materially influence its summaries, reading lists, and follow-up actions.