blog-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI and code (scripts/scrape_blogs.py — discover_feed_url, scrape_rss, and scrape_apify) fetch and parse RSS/HTML from arbitrary public blog URLs and Apify-scraped pages, clearly ingesting untrusted third-party (user-generated/public web) content that the tool reads and uses to filter/summarize results, which could allow indirect prompt-injection via feed/page content.