flomo-web-crud

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and deep-scans live user memos from the flomo Web UI (https://v.flomoapp.com/mine) using chrome_read_page / chrome_get_web_content as described in SKILL.md and references/workflows.md and then interprets those memo bodies to drive queries, summaries, and edit/delete actions, so third-party/user-generated content can influence tool use.