social-media-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires using google_search, scrape_page, and get_youtube_transcript (see "Allowed Commands" and Workflow step 2 / Output Strategy), which fetch open web pages and YouTube transcripts—untrusted, user-generated third-party content that the agent is expected to read and use to produce posts, enabling indirect prompt injection risk.