paw-cra-strategist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to fetch and ingest public social and web content (e.g., agent-browser commands in references/browser-tools.md and research flows in references/competitor-research.md and references/autonomous-wake.md that call web_search_exa/crawling_exa and extract Instagram/TikTok/LinkedIn posts), and to read/synthesize those sources into reports and actions, exposing it to untrusted user-generated third-party content that can influence tool use and decisions.