reddit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses user-generated content from Reddit's public JSON API (see "Read actions use Reddit's public JSON API" in SKILL.md and the publicFetch/getPosts/getComments/searchPosts functions in scripts/reddit.mjs), and that untrusted content is consumed and used by the agent to display results and drive actions (searching, replying, submitting, and moderation), so third-party posts/comments could indirectly inject instructions affecting behavior.