rss-agent-viewer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md shows the tool discovers and fetches arbitrary public RSS/Atom feeds and web search results (commands like "rss-viewer discover ", "rss-viewer add ", "rss-viewer read" and "discover-search"), so the agent ingests and acts on untrusted third-party articles that could contain instructions influencing its actions (e.g., auto-add/--read flows).