ai-edge-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to fetch and scrape open/public user-generated sources (e.g., hn.algolia.com API and Hacker News discussion pages via web_fetch, Reddit via site:reddit.com web_search, Telegram public channels via https://t.me/s/, and GitHub trending pages) and to read and triangulate that practitioner content to drive research conclusions and tool/decision recommendations, which clearly exposes the agent to untrusted third-party content that can indirectly inject instructions.