unclawg-discover
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests public, user-generated content (e.g., scripts/search_reddit.sh hitting reddit.com, scripts/search_hn.sh using hn.algolia, scripts/search_twitter.sh and search_linkedin.sh calling Apify actors, and Instagram/TikTok comment scrapers), and SKILL.md phases (Phase 3 Run Discovery → Phase 4 Filter and Score → Phase 5 Normalize Output) require the agent to read source_post_text and generate reply_strategy/actions, so untrusted third-party posts can materially influence tool use and next actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's runtime scripts invoke Apify actor endpoints (e.g. https://api.apify.com/v2/acts/apimaestro~linkedin-posts-search-scraper-no-cookies/runs?token=${APIFY_API_KEY}) to start remote scraper runs, which execute remote code at runtime and are required for the Twitter/LinkedIn/TikTok/Instagram/Indeed features, meeting the criteria for a runtime external dependency that can directly affect agent behavior.
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata