tech-news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly fetches and scrapes public, user‑generated sources (e.g., Hacker News, Reddit, Dev.to, GitHub Trending and other RSS/HTML scraping in scripts/fetch_news.py and references/SOURCES.md), and scripts/generate.py passes those fetched titles/descriptions into scripts/llm_translate.py (LLM calls), so untrusted third‑party content is ingested and read/interpreted by the agent, enabling indirect prompt injection.