panews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and synthesizes user-generated community comments (e.g., references/workflow-topics.md: "get-topic --lang — Returns the topic description and the latest 10 community comments") and reads public Polymarket leaderboard payloads as part of its workflows, so it consumes untrusted, public third-party content that the agent is expected to interpret and use to form summaries and decisions.