obsidian-knowledge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Clipping Save and Knowledge Organizer workflows explicitly ingest and act on content produced by a delegated "search-and-fetch" step (webpage titles, full text, summaries) and read/process files in 31_WebClips — i.e., arbitrary external webpages/public web clips — and then use that content to create/update notes and drive follow-up actions, exposing the agent to untrusted third-party content.