news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses open/public third-party content (RSS feeds and web pages) as described in SKILL.md and implemented in scripts/news.py (SOURCES contains public sites like Hacker News, Product Hunt, OpenAI Blog, etc.), and that untrusted/user-generated content is ingested and used by fetch_news/format_news to select, filter, and present articles—so third-party content can influence the agent's outputs and choices.