crawl-xueqiu-my-timeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches public, user-generated posts from Xueqiu (see scripts/crawl_xueqiu_home_timeline_api.py calling agent-browser to GET https://xueqiu.com/v4/statuses/home_timeline.json and SKILL.md describing AI/subagent analysis of the resulting Markdown), and those untrusted posts are read and used to drive analysis and subagent actions—allowing third‑party content to materially influence agent behavior and enabling indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's setup script (scripts/check-agent-browser.sh) runs at runtime and executes "npm install -g agent-browser --registry=https://registry.npmmirror.com", which fetches and installs remote code (agent-browser) that the skill requires and will execute, so the registry URL https://registry.npmmirror.com is a runtime external dependency that can install/execute remote code.