wordpress-uploader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses content from arbitrary WordPress sites via the REST API using the provided scripts (e.g., wordpress-edit-post.py --get and --list-drafts and the instruction to "Display complete script output" and parse post content/URLs), which are user-generated/untrusted and are used to decide edits, publish/delete actions, and next steps.