hot_topics_selector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Python fetchers (scripts/fetch_hot_topics.py and scripts/fetch_news_content.py) actively pull titles and full article content from public platforms (Weibo, Baidu, 今日头条, 抖音, 财联社 and arbitrary article URLs) into /tmp/hot_topics.json and /tmp/news_content.json which the Agent then reads in Phase 1 and Phase 3, exposing it to untrusted, user-generated third‑party content that could carry indirect prompt injection.