news-aggregator-skill-2

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's fetch_news.py tool explicitly fetches and "deep" downloads article text from public, user-generated sources (e.g., Hacker News, Weibo, GitHub Trending, Product Hunt, 36Kr, Tencent News, V2EX, WallStreetCN) and the SKILL.md requires the agent to read and perform "Deep Analysis" on those articles (including using their content/URLs in generated reports), which clearly exposes the agent to untrusted third-party content that could carry indirect prompt injections.