replay-ux-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md requires querying and ingesting session replays and related issue data from external Sentry users (via search_events, get_replay_details, search_issues, get_sentry_resource) — i.e., user-generated/untrusted content from Sentry org replays — and explicitly uses those replay/URL/queryparam contents to drive analysis and follow-up actions, so third-party content can materially influence agent behavior.