llm-wiki

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow includes “Ingest sources” where the user provides URLs or pasted articles, which are saved under raw/articles/ and then read/synthesized into wiki pages—this can include outsider-authored free text from public web content or other people’s pasted material that becomes LLM-readable context.