link-reader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses user-generated content from third-party sources (Twitter/X via api.fxtwitter.com and Reddit via appended .json on reddit.com) as part of its required workflow in SKILL.md, and it uses that content to drive formatting, follow-up actions (e.g., following conversations) and presentation decisions, so untrusted content could inject instructions that affect agent behavior.