newsletter-campaign-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill ingests external RSS feed content (see the /api/cron/ingest-rss cron and rss_feeds table) and passes untrusted fields like post.full_article_text into callAIWithPrompt for article generation and selection, so third‑party content can directly influence AI outputs and workflow decisions.