timeless

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests untrusted user-generated content (podcast RSS/MP3 via scripts/podcast.sh and arbitrary YouTube URLs via scripts/youtube.sh and yt-dlp) and the SKILL.md workflows then fetch transcripts and AI summaries from those items (and public Timeless share URLs) that the agent is expected to read and act on, so third-party content can materially influence agent behavior.