Hacker News

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md and api.md explicitly instruct the agent to fetch and browse Hacker News content from public APIs (https://hacker-news.firebaseio.com and https://hn.algolia.com), which returns untrusted, user-generated stories and comments that the agent is expected to read and could materially influence its actions.