market-analysis

Warn

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes open/web third-party content, e.g., get_news(ticker), get_global_news(), and reddit_utils.py for Reddit sentiment (it also uses yfinance/Alpha Vantage for market data). The workflow (SKILL.md steps) requires interpreting that untrusted user-generated and news content to drive analysis and trading recommendations, so those sources could inject instructions that materially influence actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 04:42 PM