douban-skill

Warn

Audited by Snyk on Apr 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill fetches and ingests user-generated content from public Douban endpoints (frodo.douban.com via scripts/douban-frodo-export.py, and the public RSS feed https://www.douban.com/feed/people//interests via scripts/douban-rss-sync.mjs). The code parses the fetched titles and comments to drive pagination, categorization, and file-write decisions, so untrusted third-party content can materially influence runtime behavior.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 5, 2026, 03:21 PM
Issues: 1