devpilot-daily-toolkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (scripts/fetch_news.py reading feeds.json) fetches and parses RSS from public sites listed in feeds.json (e.g., TechCrunch, The Verge, Google News), and the SKILL.md explicitly instructs the agent to translate and summarize those English summaries into Chinese and to pin/reshape the briefing—so it actively ingests and interprets untrusted third‑party web content that can change output ordering and emphasis.