content-multiply

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1 "Read Engagement Data" from memory/analytics/engagement-log.json and Step 3 "Extract the core insight from the comment", plus the "Original: [URL]" field in the Approval Flow) explicitly consumes user-generated Reddit/Twitter/LinkedIn/XHS posts and uses their content to generate and schedule derivatives, so untrusted third‑party content can directly influence agent decisions and actions.