@554/lunarcrush

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches public social posts and news via LunarCrush API endpoints (e.g., tools/topics.py functions like get_topic_posts/get_topic_news and search_content which call make_request to /public/... endpoints) aggregating untrusted user-generated content from Twitter/Reddit/YouTube/etc. (noted in SKILL.md "Social platforms") that the agent ingests, summarizes, and uses to drive decisions and rankings (e.g., sentiment summaries and "Find Rising Coins" workflow), creating a clear vector for indirect prompt injection.