tg-channel-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scout pipeline explicitly fetches search results from arbitrary web sources via $SEARXNG_URL (see references/scout-prompt.md and SKILL.md curl command) and explicitly requires "MANDATORY open the source and read its content" to create drafts that directly influence publishing decisions, exposing the agent to untrusted third‑party webpages that could carry indirect prompt injection.