hhxg-market
Warn
Audited by Snyk on Mar 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's runtime code (scripts/_common.py) fetches JSON from the public site https://hhxg.top/static/data, and scripts such as fetch_snapshot.py, calendar.py and news.py parse fields such as ai_summary, comparison, signals_count and links, which the agent uses to construct responses. Untrusted third-party data from hhxg.top is therefore consumed directly and can materially influence the agent's outputs and actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).