postey

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches and consumes user-generated social media content from the Postey API (see scripts/postey.js calls to GET /posts and GET /posts/parsed/content and the SKILL.md "Read parsed content for X" / drafts:list/drafts:get flows), and that returned third‑party content is used to infer platforms and drive publish/schedule actions — so untrusted content could indirectly inject instructions that affect agent behavior.