news-shopping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to call enrichx402.com/api/serper/news and /serper/shopping (via x402.fetch and the "News Monitoring"/Workflows sections) to retrieve Google News and Google Shopping results—public third‑party content the agent is expected to read, summarize, and act on—so untrusted external content can materially influence decisions and tool use.