social-intelligence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to fetch and parse user-generated Reddit content via the stableenrich.dev API endpoints (https://stableenrich.dev/api/reddit/search and /api/reddit/post-comments), and to summarize/analyze that content for monitoring and decision-making, which exposes the agent to untrusted third-party input that could contain indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill repeatedly instructs users to run "npx agentcash@latest fetch", which causes npx to download and execute the remote npm package (agentcash — e.g. https://www.npmjs.com/package/agentcash) at runtime and the skill relies on that package to perform its operations, so this is a runtime external dependency that executes remote code.