linkedin-writer

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to fetch and scrape external YouTube transcripts and arbitrary blog/article URLs (using Apify actors and WebFetch) when a user supplies only a URL, meaning the agent will ingest untrusted, user-generated public web content as part of its required workflow (see "When the user provides only a URL" and the Apify/WebFetch call examples in Step 0).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.70). The skill explicitly calls external Apify actors at runtime — e.g., actorId "topaz_sharingan/Youtube-Transcript-Scraper-1" and "apify/web-scraper" — which execute remote scraping code and return content that will be injected into the agent's context when a user supplies only a URL, meeting the criteria for a runtime external dependency that executes remote code and influences the agent's behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 03:27 PM