blogpost-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly says linkposts "auto-fetch" title/summary/date from the provided URL and the included extract-meta.js script fetchHTML() follows redirects and scrapes arbitrary webpages to extract metadata, which the agent then uses to set the post title, date, slug, and body—allowing untrusted third-party page content to influence actions.