findata-toolkit-cn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI scripts (scripts/stock_data.py and scripts/macro_data.py) explicitly use AKShare to fetch data from public third‑party sources (noted in SKILL.md and config/data_sources.yaml) and then parse and interpret that live content (e.g., assess_business_cycle, screening, trading signals), so untrusted public web data can materially influence decisions and follow-up behavior.