hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The "Article → audio briefing" workflow in SKILL.md explicitly says "Agent fetches the URL, summarizes, then:" which requires the agent to retrieve and interpret arbitrary public web pages (untrusted third‑party content) as part of its processing, enabling indirect prompt injection.