day5-fetch-and-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes public user-generated content—e.g., references/block1-fetch-tweet.md instructs fetching X/Twitter via the FxEmbed API (api.fxtwitter.com) and references/block2-fetch-youtube.md instructs extracting YouTube auto-subtitles with yt-dlp plus Web Search correction—and then reads and acts on that content (translation, correction, quiz generation), so untrusted third‑party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly directs runtime fetching from the FxEmbed API (https://api.fxtwitter.com/{screen_name}/status/{status_id}) to obtain tweet JSON which is injected into the agent's context and used to drive prompts, making it a required external dependency that directly controls the agent's outputs.