baoyu-translate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches arbitrary URLs ("Materialize Source" in references/workflow-mechanics.md: "URL | Fetch content, save to translate/{slug}.md") and then reads and analyzes that fetched content (analysis, chunking, and subagent prompts) to drive translation and spawn subagents, so untrusted public web pages could contain instructions that materially influence agent behavior (indirect prompt injection).