lunarcrush

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches social posts and news from the LunarCrush API (see tools/utils.py make_request -> https://lunarcrush.com/api4 and content-fetching functions in tools/topics.py, tools/creators.py, and exports.py like get_topic_posts/get_topic_news/search_content), which aggregate user-generated social media and public news content that the agent ingests and uses in workflows and decision-making (see SKILL.md), so untrusted third-party content can influence tool actions.