gate-news-intel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). This skill explicitly collects and synthesizes open/public third-party content (UGC and social) via gate-cli commands such as news feed search-ugc, news feed search-x, news feed web-search, and news feed get-social-sentiment (see SKILL.md Step 2 and references/cli-reference.md), and mandates that the agent read and incorporate that untrusted UGC/social/web content into the Section 3 community/UGC synthesis, allowing third-party text to influence report conclusions and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The bundled update scripts (scripts/update-skill.ps1 and scripts/update-skill.sh) fetch remote skill content at runtime from GitHub (e.g. https://raw.githubusercontent.com/gate/gate-skills/master/skills//SKILL.md and https://github.com/gate/gate-skills.git / https://github.com/gate/gate-skills/archive/refs/heads/master.zip) and can clone/download and overwrite local skill files (thus executing or installing remote code and changing the agent's instruction files), which meets the criteria for a runtime external dependency that can control prompts or execute code.