PANews

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflows (e.g., references/workflow-read-article.md, workflow-topic-research.md, and workflow-topics.md) explicitly instruct the agent to fetch and read PANews articles and community comments via the public API/URLs (e.g., node cli.mjs get-article, get-topic and calls to https://universal-api.panewslab.com and panewslab.com), and those external, user-visible comments/articles are ingested and used to drive summaries and next actions, so untrusted third‑party content could indirectly inject instructions.