healthcare-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly scrapes and ingests untrusted public web content (e.g., 天眼查/企查查, Firecrawl, 36氪, Twitter/微博, 国家公示系统) via Playwright and scraper scripts as described in SKILL.md and docs/FREE_SCRAPER_GUIDE.md, and the agent uses that external content to drive AI funding-detection, alerts, and follow-up actions—creating a clear path for indirect prompt injection.