harvest-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s required workflow fetches arbitrary web page content at runtime from user-supplied URLs (e.g., https://docs.example.com/...) and then ingests that fetched free-form text into the LLM context for diffing/reporting, which is outsider-authored public web content.