storyteller-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow explicitly says it will fetch and ingest content when "URL이 주어지면 콘텐츠를 먼저 가져온다" (SKILL.md Step 1) and accepts "콘텐츠(뉴스레터, 아티클, URL 등)"—i.e., arbitrary public URLs—which the agent must read and use to plan cards, so untrusted third‑party web content can directly influence its actions.