content-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's aggregator (scripts/aggregator/fetch_all.py) explicitly fetches and scrapes public, user-generated sources (Weibo, Zhihu, Reddit, YouTube, GitHub, Douyin, Xiaohongshu, etc.) into data/hotpool, and those results are then consumed by the pipeline (SKILL.md, topic_scorer.py, content_generator.py and auto-publisher steps) to score topics and drive generation/publishing, meaning untrusted third‑party content can directly influence agent decisions and actions.