blog-scraper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill (SKILL.md and scripts/scrape_blogs.py) fetches and parses RSS/HTML from arbitrary blog URLs (requests.get in discover_feed_url/scrape_rss) and can call Apify to ingest public blog content, which is untrusted user-generated data that the agent consumes and returns for downstream use—creating a clear avenue for indirect prompt injection.