ai-news-briefing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill fetches and parses RSS feeds from many public third-party sites (see collectors/*.py which call collectors/rss_common.py to read URLs like https://export.arxiv.org/rss/... , https://juejin.cn/rss, https://openai.com/news/rss.xml, etc.), and then includes titles/snippets verbatim into the AI prompt via pipeline/prompt_builder.py, exposing the agent to untrusted web content that could carry indirect prompt injections.