research-archival

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Scraping Workflow (SKILL.md and references/url-routing.md) explicitly fetches and ingests public/user-generated content from third‑party URLs (chatgpt.com share links, gemini.google.com, general web pages) via Firecrawl or Jina Reader and then uses that scraped content to populate frontmatter, "Key Findings", and GitHub issue bodies, so untrusted third‑party content can directly influence subsequent actions.