hindsight-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's documentation explicitly describes ingesting arbitrary user/third‑party content (references/developer/api/retain.md — "Store documents, conversations, and raw content" and the "Files" section allowing HTML/uploads) and then using those retained memories in agentic reflect/recall loops (references/developer/api/reflect.md) that can materially influence decisions, so it clearly exposes the agent to untrusted third‑party content.