post-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and MCP documentation explicitly accept and download public media_urls ("MCP tools accept media_urls (public URLs) — the server downloads and uploads them automatically") and its "Recommended Workflow" instructs extracting frames and writing captions based on video content, meaning untrusted, user-provided third-party media are ingested and expected to be read/interpreted and can influence posting decisions.