news-extractor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill accepts user-provided public news URLs and fetches/parses their pages (e.g., mp.weixin.qq.com, toutiao.com, 163.com, sohu.com, news.qq.com) via scripts/extract_news.py and the crawlers/fetchers (RequestsFetcher/CurlCffiFetcher), so it processes untrusted third-party content that could carry indirect prompt-injection.