stock-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows (SKILL.md and references/daily-report.md, weekly-report.md) call commands like "npx ticker-cli news SYMBOL" and "npx ticker-cli screener" that fetch Yahoo Finance news/screener data from public third-party websites and explicitly instruct the agent to read and act on headlines/content when generating reports and trading insights, exposing it to untrusted third-party content that could inject instructions.