blog-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI and SKILL.md plus scripts/scrape_blogs.py clearly fetch and parse arbitrary public blog pages and RSS/Atom feeds (requests.get in discover_feed_url, scrape_rss, and scrape_apify), ingesting untrusted third-party content (public blogs/feeds) that is parsed and returned for use, which could allow indirect prompt injection into downstream decision-making.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The script unconditionally reads GOOSEWORKS_API_KEY and calls the Apify proxy API (e.g. POST to https://app.gooseworks.ai/v1/proxy/apify/acts/jupri~rss-xml-scraper/runs), which at runtime launches remote actor code execution and is therefore a required external runtime dependency.