release-post

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly instructs the agent to read package NEWS/CHANGELOG files, research GitHub PRs/issues and vignettes, and run scripts that fetch contributor lists from public GitHub repos (scripts/get_contributors.R using usethis::use_tidy_thanks), and it references external image sources (Unsplash/Pexels), so it ingests and acts on untrusted, user-generated third‑party content which can materially influence post content and actions.