performance-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Path A data-collection instructs the agent to pull recent social media posts and per-post metrics via BlackTwist calls (e.g., list_posts, get_post_analytics), which ingests user-generated content from social platforms that the agent must read and interpret as part of its analysis workflow, creating opportunity for indirect prompt injection.