validate-icp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs spawned agents to mine public user-generated sources (Reddit, Hacker News via hn.algolia.com, X/Twitter, IndieHackers, Trustpilot, public Discord transcripts, and niche forums) for verbatim quotes and to use those quotes and source links to synthesize a VALIDATED/WEAK/NOT FOUND verdict and DM lists, so untrusted third-party content is fetched and directly influences agent decisions.