rss-catchup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and scrapes arbitrary public RSS feeds and article pages (see references/feeds.json for feed URLs and scripts/rss_helper.py's get_feed_articles and fetch_article_content which use feedparser/urllib to retrieve and parse remote content), and the agent is expected to read and summarize that untrusted, user-provided web content as part of its workflow.