news-aggregator-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's fetch script (scripts/fetch_news.py) and SKILL.md explicitly crawl and "deep fetch" article text from public, user-generated sources (Hacker News, Weibo, V2EX, GitHub Trending, Product Hunt, 36Kr, Tencent, WallStreetCN) and require the agent to read and deeply analyze that untrusted third‑party content as part of its workflow, which could enable indirect prompt injection.