reading-notes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required runtime workflow ingests the user-supplied resource content (e.g., a webpage/public URL, YouTube transcript/captions, or pasted notes) into the LLM context; if that resource is outsider-authored free text (public web content or other people’s notes/messages), it becomes readable prose for summarization, creating indirect prompt-injection exposure.