topic-pulse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 3 "Research current context" and earlier goal statements explicitly require gathering "outside context" from "the web" and collecting source links (e.g., "gather the most useful context from the vault and the web", "Collect... the most useful source links"), which clearly directs the agent to fetch and interpret open/public third‑party content that could influence note-updating actions.