kol-content-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to scrape and ingest user-generated posts from public LinkedIn profiles (Phase 1: "Scrape LinkedIn Posts") and public Twitter/X handles (Phase 2: "Scrape Twitter/X Posts"), and then to read/cluster those posts to drive topic ranking and content-action recommendations—meaning untrusted third-party content directly influences the agent's decisions and next actions.