configure

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads ~/.claude/channels/discord/access.json (and the Discord-populated .env state) which contains user-generated Discord data (pending pairing codes, display names, allowed senders) and uses that content to decide and drive follow-up actions (e.g., locking policy, running /discord:access commands), so untrusted third-party content can materially influence agent behavior.