sustainability-summary

Warn

Audited by Snyk on Feb 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly reads RSS entries and optional fulltext from SQLite DBs populated from public feeds (see SKILL.md, "Retrieve time-windowed relevant sustainability RSS evidence", and scripts/time_report.py, which loads rows and joins content.entry_content). The agent is instructed in references/report-format.md to treat those records as primary evidence and to anchor claims from DOI/URL. Untrusted third-party content is therefore ingested and used to drive agent decisions and summaries.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 02:56 AM