stock-briefing

Warn

Audited by Snyk on Apr 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's script (scripts/stock_briefing.py, function get_news_cls and its fallback to Sina) directly fetches and scrapes public third-party news from 财联社 (Cailian Press, https://www.cls.cn/nodeapi/...) and 新浪 (Sina, zhibo.sina.com.cn), then incorporates that untrusted, externally authored text into the generated report output. Arbitrary third-party content is therefore ingested and used in the workflow, and any instructions embedded in that content reach the model alongside the skill's own prompt.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 03:17 PM
Issues: 1