notebooklm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required "Add a source" workflow in SKILL.md (Action 2: Add Sources and the "Synthesized content pattern") explicitly accepts arbitrary URLs/website/YouTube links and instructs pre‑processing/ingestion of that public content into NotebookLM, so the agent will read and act on untrusted third‑party web content that can materially influence queries and generated Studio outputs.