earnings-calendar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists the third‑party library "yfinance" and scripts/earnings.py calls trading_skills.earnings.get_earnings_info which indicates the skill fetches earnings data from public Yahoo Finance (an untrusted public web source) that the agent reads and uses to determine timing/decisions.