gate-news-listing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly calls news_feed_get_exchange_announcements to ingest public exchange announcements (and the README/Report Template notes "compiled from public announcements"), which the LLM reads and uses to select coins, supplement data, and drive report generation — exposing the agent to untrusted third-party public content that can influence actions.