prism

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and required SOURCE phase explicitly instruct the agent to ingest public Web URLs and YouTube links (see "Source type (PDF/Docs/Slides/URLs/EPUB/YouTube/Images/CSV)" and "Use Discover Sources to find and incorporate web/Drive materials into notebooks" in SKILL.md), so it will read untrusted third‑party/user‑generated content that can materially influence prompt design and downstream actions.