last30days

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md workflow explicitly searches and fetches public Reddit threads, X/Twitter posts (via Bird CLI), and web articles (web_search/web_fetch) and then synthesizes quotes, patterns, sentiment, and ready-to-use prompts—meaning untrusted, user-generated third-party content is ingested and can materially influence the agent's outputs and actions.