binance-us-briefing-engine

Warn

Audited by Snyk on Apr 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The bundled script (scripts/binance_us_brief.py) explicitly fetches and parses Google News RSS feeds from news.google.com (GOOGLE_NEWS_RSS) via fetch_asset_news/http_get_text. It then scores those third-party headlines and links and uses them to build headlines, suggested_action, decision_frame, and other behaviors, so untrusted public web content is ingested and can materially influence the agent's next actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 03:00 PM
Issues: 1