lunarcrush

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls LunarCrush API endpoints (e.g., topics.get_topic_posts -> /public/topic/{topic}/posts/v1 and creators.get_creator_posts -> /public/creator/{network}/{id}/posts/v1) to fetch public social-media posts and news (Twitter/Reddit/YouTube etc.), and SKILL.md/workflows explicitly instruct the agent to read those topic/creator posts and use them for sentiment/trading decisions, so untrusted user-generated content can directly influence agent actions.