last30days

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public Reddit/X posts and arbitrary web pages (see scripts/last30days.py + scripts/lib/openai_reddit.py and reddit_enrich.py which call Reddit/X APIs and http.get_reddit_json, and SKILL.md's "WEBSEARCH REQUIRED" instructions), and the agent is required to read those untrusted, user-generated sources and let their findings (including recommended prompt formats) determine subsequent actions—creating a clear avenue for indirect prompt injection.