chuinb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires performing WebSearch and WebFetch and uses media-downloader to download images/videos from public websites and platforms (e.g., YouTube, Pexels, arbitrary URLs) and then reads/embeds that content into generated notes, so it ingests untrusted third‑party/user‑generated web content as part of its workflow.