hotspot-collector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to "并行搜索上述信源" and to collect/aggregate content from public user-generated sources such as Twitter/X, Hacker News, Product Hunt, GitHub Trending, 即刻, 微信公众号, 微博, and 知乎, meaning the agent will fetch and interpret untrusted third‑party content that can influence selection and downstream actions (e.g., heat_score, top_comments, implied angles).