blogwatcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's fetchFeed() function (called by watchFeed and checkAllFeeds) fetches and parses RSS/Atom XML from arbitrary feed URLs provided in config/feeds.json or via the --url CLI, and those parsed entries are directly used to decide notifications and actions (see handleNotifications/sendTelegramNotification/sendDiscordNotification), so untrusted third‑party feed content can materially influence runtime behavior.