capital-market-topic-scout
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow and scripts (e.g., fetch_newsnow_topics.py / fetch_hot_topics.py and SKILL.md Step 1) explicitly fetch and ingest public third-party content via the NewsNow API (https://newsnow.busiyi.world) and sources like 财联社, 华尔街见闻, 微博, 知乎, and then use those headlines to drive topic selection and generate platform-specific actions, so untrusted web content can materially influence the agent's decisions and tool use.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's runtime fetcher (scripts/fetch_newsnow_topics.py and test_newsnow_api.py) makes live requests to the NewsNow API at https://newsnow.busiyi.world/api/s and injects the returned JSON hot-topic items into the workflow that feeds the agent's topic-generation prompts, so external content fetched at runtime can directly influence prompts.
Audit Metadata