context-recovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory Recovery Workflow (Step 2: "Read Channel History" with message:read for Discord/Slack/Telegram/Signal in SKILL.md) ingests and parses user-generated messages from third-party channels and then synthesizes that content to drive follow-up actions, so untrusted external content can influence agent behavior.