ai-tech-rss-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's sync workflow (SKILL.md) and scripts/rss_subscribe.py explicitly call feedparser.parse(feed_url) to fetch and parse RSS/OPML entries from public sites (e.g., assets/hn-popular-blogs-2025.opml and user-supplied feed URLs), ingesting untrusted, user-generated feed metadata (titles, summaries, etc.) that the agent uses to decide inserts/updates and deduplication, so third-party content can materially influence tool behavior.