ai-news-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public RSS/HTML feeds from third‑party sites listed in references/sources.yaml (via scripts/fetch_feeds.py's FeedFetcher.fetch_all called from scripts/run.py) and then parses/summarizes that untrusted public content in scripts/parse_feeds.py and summarize_llm.py, so the agent will read and interpret external user-generated/public web content.