tiger-in-the-wild-research
Warn
Audited by Snyk on Apr 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow in "Step 2 — Search for new content" explicitly instructs the agent to run web searches and "Fetch and read the page to confirm it is genuine user-authored content," and the "Platforms to prioritize" list names untrusted public sources (Medium, Dev.to, Substack, LinkedIn, Hacker News, Reddit, personal blogs), which the agent then uses to classify entries and choose outreach actions—allowing third-party content to materially influence decisions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata