afa-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and acts on untrusted, user-generated third-party content — e.g., references/automation-blueprint-collection.md and references/work-modes-and-templates.md describe monitoring social media mentions and review platforms (Yotpo/Loox/Trustpilot), calling external tracking APIs (AfterShip/17TRACK) and using an LLM to analyze UGC and reviews to generate replies or route workflows, which can materially influence tool actions.