productclank-campaigns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated social content (e.g., "server-side fetch via platform API (Twitter oEmbed, TikTok oEmbed, Reddit JSON, etc.)" described in SKILL.md under "Post Text Resolution" and the Discover flow and the API endpoints POST /agents/campaigns/boost and POST /agents/campaigns/{id}/generate-posts), and uses those fetched posts to generate replies and drive campaign actions—so untrusted third-party content is read and can materially influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes explicit financial/payment endpoints and instructions: it references topping up credits via USDC on Base and exposes a POST /api/v1/agents/credits/topup endpoint, along with credit balances, transaction history, and top-up flows. This is a specific crypto/payment integration (moving value), not a generic API caller, so it grants direct financial execution capability.