discord

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs calling Discord API endpoints like "GET /channels//messages" (see "When to Use" and "### 5. Get Channel Messages" and related examples) to read user-generated messages from public/third-party Discord channels and then react/moderate or take actions based on that content, which is untrusted and can influence subsequent tool use.