feed-digest
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill fetches and parses arbitrary public, user-generated content—e.g., RSS/Atom feeds from user-configured URLs via scripts/fetch_feeds.py (feeds.local.md or --urls), forum/search results via scripts/deep_search.py (Discourse, Hacker News, V2EX, Tavily/Exa), and GitHub issues via scripts/fetch_github_issues.py—and the agent ingests and summarizes/analyses that untrusted third-party content as part of its workflow.