paragraph-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and read public Paragraph content (e.g., "paragraph post get --field markdown", "paragraph post feed", and search/list commands) from paragraph.com—user-generated third-party posts that the agent is expected to interpret and that can materially influence actions like publishing—so it exposes the agent to untrusted third-party content.