wiki-ingest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and ingests arbitrary source documents from the wiki raw/ queue (see "Step 1
• Scan raw/ for all files" and "Step 2a. Read/extract content") including web clippings, PDFs, and saved pages, and uses their content to decide classification, page creation/updates, backlinks, and file moves—so untrusted third‑party content in raw/ can materially influence agent actions.