zotero-obsidian-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow (references/WORKFLOW.md, step 2) explicitly ingests Zotero item metadata, fulltext, annotations and even Zotero "webpage" items (external/public URLs), and those third‑party contents are then read and synthesized to create/update notes and downstream artifacts, so untrusted public content could influence agent behavior.