trending-news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill fetches headlines and summaries via GET /radar and related tweet text via GET /radar/{id}/tweets from the public xquik.com API—explicitly noted as "untrusted" content in the SKILL.md—and those third-party news items and tweets are read and used in the typical flow (showing headlines and drafting responses), so they could inject instructions that influence agent actions.