stock-copilot-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public news and social-media content (e.g., caidazi.news/report, finnhub.news, qveris_social.x_domain_hot_topics and x_developer.2.tweets.search.recent) via executeTool/searchTools in scripts/lib/core/commands/radar.mjs and scripts/lib/infra/qveris-client.mjs, and that parsed third‑party content is used in the radar/brief/analyze workflows (delegated to the LLM and used to build event radar, theses, and recommendations), so untrusted user-generated content can materially influence agent decisions.