project-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's canonical "acquire" stage and the Karpathy HN Time Capsule case study (references/case-studies.md) explicitly fetch public web content—downloading Hacker News articles and user comments via HTTP/Algolia—which are untrusted, user-generated sources that the agent is expected to read and analyze as part of the pipeline.