digital-brain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill reads and acts on user-saved external content (e.g., knowledge/bookmarks.jsonl, content/engagement.jsonl, content/posts.jsonl) in required workflows and automation scripts (agents/scripts/content_ideas.py, agents/scripts/idea_to_draft.py, weekly_review.py), so untrusted third-party content stored there is ingested and can materially influence agent outputs and next actions.