quick-game

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Step 0: Parse arguments" explicitly instructs fetching a tweet ("If arguments contain a tweet URL: 1. Fetch the tweet using the fetch-tweet skill") and then to "creatively abstract a game concept from the tweet," meaning it ingests untrusted, user-generated public social-media content and uses that content to drive implementation decisions.