postplus-shared

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows explicitly instruct collecting and scraping public social/platform content (e.g., references/shared-tiktok-music-workflow.md names tiktok-music-scraper and a download manifest with sourceUrl like https://www.tiktok.com/@user/video/123, and shared-research-preferences.md routes to platform research skills), meaning the agent ingests untrusted user-generated web content and uses it to analyze and drive downstream actions.