business-ads

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Puppeteer/browser scripts explicitly fetch and parse user-generated content from X (x.com) — e.g., search results, profile pages, and follower lists referenced in SKILL.md (monitorBrandMentions, getAudienceInsights, autoPlugReplies) — and then act on that data, so untrusted third-party content could materially influence behavior and enable indirect prompt injection.