read-source

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly allows reading arbitrary web resources (see the "Read from URLs" examples like witan read https://example.com/report.pdf --outline) and describes a pipeline that reads and parses that fetched content to drive parsing and spreadsheet population, so untrusted public web content is fetched and interpreted and can influence downstream actions.