content-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly automates browsing and scraping of arbitrary public webpages via Playwright (see reference/browser-recording.md and SKILL.md Visual Types/Phase 3 browser_capture) and pulls user-generated assets from public APIs (Pexels, GIPHY, Imgflip, Simple Icons mentioned in SKILL.md and README), then reads and acts on that content as part of research, asset sourcing, composition, and self-review—so untrusted third‑party content can influence tool decisions and workflow.