bx-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Common Usage Patterns show it ingesting and rendering user-authored, untrusted content (e.g., queryExecute("SELECT content FROM posts...") and form.postContent) which the agent reads/interprets via markdown() and could therefore allow third-party content to influence behavior or outputs.