linkedin-project-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and displays arbitrary public web content by auto-capturing screenshots of user-provided live demo URLs (see "Screenshot / Image Attachment" in SKILL.md and scripts/capture-screenshot.sh which uses Puppeteer/shot-scraper or a public screenshot API), exposing the agent to untrusted third‑party content included in the post workflow.