producthunt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill queries Product Hunt's public GraphQL API (API_URL https://api.producthunt.com/v2/api/graphql via scripts/producthunt_api.py) to fetch user-generated posts, descriptions and comments (e.g., scripts/get_post.py and scripts/get_post_comments.py) and prints/returns that content for the agent to read, exposing it to untrusted third-party input that could contain indirect prompt-injection payloads.