social-media-posting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly instructs the agent to read/scrape public social-media content and pages (e.g., "Read last 10 posts per platform", use xurl timeline -n 10, "navigate to profile", and "scrape and download their official logos first" in SKILL.md and references/platform-posting.md) and to use those untrusted, user-generated posts to deduplicate, analyze analytics, and drive posting/engagement decisions, which clearly exposes the agent to third-party content that could carry indirect prompt injections.