octocode-news

Warn

Audited by Snyk on Apr 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly runs network discovery (e.g., "yarn ... fetch-rss" and "catalog-sources") and the references/sources.md catalog lists and requires opening canonical article URLs and reading full page content from open/public sites (Hacker News, Reddit, Techmeme, GitHub Trending, many public blogs and news sites), so the agent ingests untrusted third-party user-generated web content and uses it to drive research, ranking, verification, and follow-up actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 22, 2026, 06:25 PM
Issues: 1