daily-briefing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and parses open/public, user-generated sources — e.g., the Karpathy OPML Gist (https://gist.githubusercontent.com/.../hn-popular-blogs-2025.opml) and the RSS feeds it lists, scrapes GitHub Trending (https://github.com/trending), reads Hacker News via the Firebase API, Readhub API, and V2EX hot topics — and directly uses that untrusted content to build and send the agent's daily briefings, so third-party content can influence what the agent publishes.