cninfo-to-notebooklm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill programmatically downloads publicly posted company reports from cninfo.com.cn (see scripts/download.py which queries http://www.cninfo.com.cn and pulls PDFs from static.cninfo.com.cn) and then uploads those third‑party PDFs into NotebookLM for the agent to read and analyze, which clearly exposes the agent to untrusted external content that could carry indirect prompt injection.