fund-screener

Warn

Audited by Snyk on Feb 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public web content: via AkShare from Eastmoney (东方财富/东方财富网) and, per SKILL.md, via BrowserMCP visiting https://gushitong.baidu.com/fund/ab-{code} to snapshot and parse holdings, scale and one-year return (近一年收益). It then uses those parsed page values to overwrite CSVs and drive validation/selection logic, which clearly exposes the agent to untrusted third‑party page content that can influence actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 02:28 AM