content-repurposer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts a blog post "URL to fetch" in Step 1 ("Long-form content — ... blog post (pasted, file path, or URL to fetch)") and Step 2 requires the agent to "Read the long-form content and extract" core ideas, so the agent will fetch and interpret arbitrary public web content which can directly influence generated posts and publishing actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly accepts a "blog post (pasted, file path, or URL to fetch)" and will fetch a user‑supplied external URL at runtime and use the fetched content to directly control prompt generation and outputs (flagged: user‑supplied external URL / blog post URL).