funda-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public, user-generated third-party content (e.g., tweets and Reddit posts via /v1/twitter-posts and /v1/reddit-posts, Polymarket via /v1/polymarket/*, public SEC filings/transcripts via /v1/sec-filings and /v1/transcripts, and scraped job postings via /v1/recruit-job-postings) and the SKILL.md plus the reference files require the agent to read and act on those responses as part of its analysis/workflow, so untrusted external content could indirectly inject instructions or influence actions.