news-aggregator-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's scripts (scripts/fetch_news.py, especially fetch_url_content and the per-source fetch_* functions) explicitly scrape and ingest real-time content from untrusted public sites (Hacker News, Weibo, GitHub Trending, Product Hunt, V2EX, 36Kr, Tencent, WallStreetCN, etc.) and then requires the agent to perform deep AI analysis on that content (the --deep mode and "Deep Analysis (Required)" rules), which clearly exposes the agent to untrusted third‑party content that could enable indirect prompt injection.