media-press-outreach

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill is explicitly designed to handle incoming journalist/podcast requests and the SKILL.md plus references/real-responses.md show the agent must read and act on user-provided, untrusted messages (many containing public social/media URLs and links), so it ingests third‑party user-generated content that can influence its replies and routing decisions.