extract-wisdom

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md Input Sources explicitly require using WebFetch to retrieve YouTube transcripts and article URLs ("YouTube URL | Use WebFetch on transcript services" and "Article URL | WebFetch to get content"), so the agent fetches and ingests untrusted public third‑party content which it must read and use to drive its extraction and output decisions, enabling indirect prompt injection.