manage-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches an external manifest from https://raw.githubusercontent.com/dev-goraebap/agent-collab/main/manifest.json and—more importantly—supports external platform integrations (Notion/Linear/Confluence/GitBook/Obsidian, etc.), auto-triggers on pasted platform URLs, and instructs the agent to use MCP/CLI/plugins to search and load user-generated pages, meaning untrusted third-party content is read and can materially influence agent decisions.