crisis-detection-intervention-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests and analyzes arbitrary user-generated text (e.g., CLI/app input in scripts/crisis_detector.ts and the few-shot LLM call in detectWithClaude), and also calls public APIs/models (Hugging Face models, SAMHSA locator, Anthropic/Claude) — so the agent reads and interprets untrusted third-party/user content as part of its workflow, enabling indirect prompt-injection risks.