aeon-last30

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly states the agent fetches and analyzes content from open/public third-party sources (Reddit, X/Twitter, Hacker News, Polymarket, and the open web), i.e., untrusted user-generated content that the agent must read/interpret to form clusters, ranks, and contrarian recommendations, creating a clear indirect prompt-injection risk.