obsidian-knowledge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and acts on external webpage content via the "Clipping Save" workflow that consumes search-and-fetch outputs and the "Knowledge Organizer" workflow that reads WebClips stored in 31_WebClips (see SKILL.md), meaning untrusted third‑party page content is read, interpreted, and can drive create/update/move actions in the vault.