alphaear-predictor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires fetching and ingesting open-web news/search results as part of its workflow—e.g., SKILL.md and references/PROMPTS.md require using "Latest Intelligence/News Context" to adjust forecasts, and scripts/prompts/fin_agent.py and scripts/prompts/trend_agent.py instruct calling web_search/fetch_news_content/news_toolkit/search_toolkit to gather third‑party news—which the agent must read and use to change model forecasts, exposing it to untrusted, user-generated web content that could carry indirect prompt injections.