ritekit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs connecting via the Membrane CLI to the third‑party Ritekit service and running actions such as "Get Hashtag Analytics" and "Get URL Metrics", which fetch untrusted public/social URL and hashtag data that the agent will read and use to guide recommendations or follow-up actions, creating a channel for indirect prompt injection.