Migrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly reads and ingests arbitrary external files and pasted stdin — including CLAUDE.md, .cursorrules, OpenAI Custom Instructions, Obsidian/Notion/Apple Notes exports and journal dumps — and then classifies and commits "AI collaboration rules" / memory/feedback into the agent's store, so untrusted third‑party content could contain instructions that materially change agent behavior.