blog-analyze

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and extracts content from published URLs using "WebFetch" (see "Input Handling" / "URL: Fetch with WebFetch, extract content" in SKILL.md), so arbitrary public web pages are read and directly used to drive scoring and rewrite actions, exposing the agent to untrusted third‑party content that could contain indirect prompt injection.