veld-feedback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md requires running "veld feedback listen" which ingests human-created thread events (see the JSON with messages[0].body and the "read the message and understand what the human wants" step), so the agent directly reads user-generated feedback from the Veld overlay and is expected to act on it, allowing untrusted third-party content to influence actions.