finance-news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public RSS/web content (see config/config.json and scripts/fetch_news.py which calls fetch_rss against sources like WSJ, CNBC, Yahoo, Reuters, Bloomberg) and those articles are summarized and used by summarize.py/briefing.py to generate briefings and drive sends/decisions, so untrusted third‑party content can materially influence agent actions.