social-content

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's references/reverse-engineering.md explicitly instructs the agent to SCRAPE and collect 500–1000+ posts from public creators (LinkedIn, Twitter/X) using tools like Apify and PhantomBuster, meaning it ingests untrusted user-generated web content that the agent must analyze and use to drive decisions and actions.