analyzing-market-sentiment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses untrusted public third‑party content (news RSS feeds listed in config/settings.yaml and scripts/news_sentiment.py such as CoinTelegraph/CoinDesk/Decrypt, plus public APIs like Alternative.me and CoinGecko referenced in SKILL.md and ARD.md), and the NewsSentimentAnalyzer and other fetchers explicitly ingest and score that content to compute a composite sentiment that materially influences outputs and downstream decisions.