stock-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls public Yahoo Finance APIs and pulls SEC EDGAR documents (e.g., Yahoo/get_stock_profile, Yahoo/get_stock_insights, Yahoo/get_stock_sec_filing) to ingest and interpret third‑party web content (research reports, filings, headlines) that are then used to drive analysis and investment decisions, creating an avenue for indirect prompt injection.