social-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reverse-engineering workflow (references/reverse-engineering.md and the "Reverse Engineering Viral Content" section in SKILL.md) explicitly instructs the agent to find and scrape public social media creators' posts (e.g., "SCRAPE — Collect posts at scale" and mentions tools like Apify and Phantom Buster), which means it ingests untrusted, user-generated third-party content and uses that content to drive analysis and subsequent actions.