sustainability-rss-fetch
Warn
Audited by Snyk on Feb 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill fetches and parses public RSS/Atom feeds listed in assets/journal.opml (and arbitrary --feed-url/OPML sources) using feedparser in scripts/rss_subscribe.py (e.g., collect-window/collect_candidates_from_feed) and then instructs an agent to "Screen candidates in agent context" (SKILL.md step 3), so untrusted third-party feed content is read and can directly influence relevance decisions and subsequent DB actions.