startup-idea-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to fetch and parse user-generated content from public sources (e.g., Reddit via the public JSON API, Hacker News/Product Hunt/Indie Hackers, and general web searches) and to read/interpret those posts as part of its core evaluation workflow, so untrusted third‑party content can materially influence agent decisions.