posthog-replay-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and decodes user-generated PostHog session replays from external hosts (see Step 1 and Step 3 curl calls to "$PH_HOST/api/projects/.../session_recordings/.../snapshots" and the blobs.raw download), then parses those rrweb event streams and uses their contents to drive analysis and triage, so untrusted third-party content can materially influence agent behavior.