obsidian-knowledge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Intent Router explicitly accepts user-provided webpage URLs and delegates to the defuddle skill (with WebFetch as a fallback) to fetch and parse page content, then analyzes that content and may save or act on it (e.g., append to daily notes or save full-page WebClips), which exposes the agent to untrusted third‑party webpages (see "Intent Router" and Step 1–3 in SKILL.md).