hot-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's scripts (e.g., scripts/search_web.py and scripts/search_china.py) explicitly fetch and scrape public web pages and social media (Bing, Google, DuckDuckGo, HackerNews, Sogou, Bilibili, Weibo, Twitter) and the SKILL.md and references/analysis-guide.md require an AI (e.g., "Claude") to read and analyze those untrusted, user-generated third‑party results to make authenticity/relevance/importance decisions that determine which items are kept or reported, so third‑party content can directly influence agent behavior.