edge-candidate-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs and parses output from an arbitrary external LLM CLI via --llm-ideas-cmd (see generate_llm_hints in scripts/auto_detect_candidates.py and references/ideation_loop.md) and also ingests optional news_reactions/futures tables, and those untrusted inputs are used directly to boost scores and drive ticket generation/export, so third-party content can materially change agent behavior.