news-aggregator-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/fetch_news.py) actively fetch and scrape open/public third‑party sources—Hacker News, Weibo, V2EX, GitHub Trending, Product Hunt, 36Kr, Tencent News, WallStreetCN—and the --deep option downloads and injects article body text into items that the agent must read and analyze, exposing it to untrusted/user‑generated content that could carry indirect prompt injection.