bluesky-by-unshape

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly includes actions like "Get Post by URL" and "Reply to Post" and documents using Membrane's proxy to fetch Bluesky API endpoints, meaning the agent will ingest and act on user-generated public posts from the Bluesky social network (untrusted third-party content) as part of its workflow.