social-clips

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md explicitly instructs the agent to fetch Slack thread content via mcp__slack__slack_get_thread_replies and to download avatar images from Slack URLs (e.g., avatars.slack-edge.com), and that fetched user-generated messages are parsed and used to build the timeline and render decisions for the video, exposing the agent to untrusted third-party content that can influence behavior beyond mere display.