list-china-today-macro-news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill actively fetches and scrapes public third‑party news sites (e.g., the Wallstreetcn API at https://api-one.wallstcn.com/apiv1/content/information-flow and 36kr via https://36kr.com/newsflashes) and its --deep mode downloads and extracts article HTML (fetch_url_content), which the agent ingests and uses for AI interpretation and chat output, exposing it to untrusted external content that could carry indirect prompt injection.