blog-to-linkedin-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s REQUIRED workflow ingests the user-provided blog content (either pasted text or fetched from a runtime URL) into the agent’s LLM context; if that blog is outsider-authored (e.g., public web page), its free-form prose becomes LLM-readable input via the “fetch the article first / paste the full text” path.