faion-claude-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly enables and instructs agents to fetch and interpret public third-party content—e.g., the Agents/Available Tools listing includes "WebFetch" and "WebSearch" and skills examples show WebFetch(domain:github.com), and the MCP server catalog lists public social APIs like Twitter/X and Notion—so the agent will read untrusted web/social content as part of its workflow.