last30days

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated content from Reddit, X, and arbitrary web pages (see SKILL.md "Research ANY topic across Reddit, X, and the web" and scripts/last30days.py which calls openai_reddit, xai_x and a WebSearch tool), and its workflow requires the agent to "ground your synthesis in the ACTUAL research content" and to follow formats or instructions discovered in that content (e.g., "If research says to use a specific prompt FORMAT, YOU MUST USE THAT FORMAT"), so untrusted third‑party posts can materially influence the agent's outputs and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The README explicitly instructs cloning and installing code from https://github.com/mvanhorn/last30days-skill.git (git clone ...) and running the skill's Python scripts, which fetches remote code that will be executed and directly controls the agent's prompts/workflow.