source-verify

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly downloads and ingests external content (e.g., "Download paperpile.bib from Drive" in Step 0 and "Readwise highlights --search" / downloading PDFs from Google Drive for rga and NLM notebook ingestion) and then reads and interprets that user/third-party content to drive verification decisions and follow-up actions, exposing the agent to untrusted third-party inputs that could carry indirect prompt injection.