opennews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests open/public news articles from the OpenNews 6551 API (e.g., POST https://ai.6551.io/open/news_search in SKILL.md), including article text/links and aiRating signals that the agent would read and could materially influence trading decisions, so untrusted third‑party content could inject instructions indirectly.