article-saver

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill directly fetches and scrapes arbitrary public/user-generated articles from third-party sites (mp.weixin.qq.com, x.com/twitter.com, zhihu.com) and via r.jina.ai, and then parses and interprets that content in scripts/saver.py (read_with_jina, extract_content, Playwright scraping), exposing the agent to untrusted third-party content that could carry indirect prompt injections.