khoj-research-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly describes Deep Research Mode and API examples that "synthesize" information from "personal notes and the web" and documents indexing that includes public sources like GitHub repositories and Notion pages, so the agent is expected to fetch and act on untrusted public/user-generated web content (e.g., the Deep Research Mode and automated agent examples in SKILL.md).