synthesis-content-distribution

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and read user-provided web content (e.g., "When given a content URL, produce a strategic brief" in the Initial Analysis Phase and "Read the article at the provided URL" in Quick Start: Blog Article Promotion), so it ingests untrusted third-party web pages whose content can influence the agent's decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires reading a "Content URL" at runtime (i.e., any user-supplied external article URL) — fetched external content would be ingested and directly control the agent's prompts/instructions, so user-provided Content URL (any external URL given at runtime) is flagged.