user-modeling

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly asks the agent to ingest upstream artifacts and public user-generated sources—e.g., "Reddit threads", "reviews", and "forums" (see Input Requirements and Step 1)—so the agent would read untrusted third‑party content as part of its workflow, creating a risk of indirect prompt injection.