findata-toolkit-cn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and interprets public third‑party data via AKShare calls (e.g., scripts/common/akshare_runner.py used by scripts/stock_data.py and scripts/macro_data.py which call functions like stock_comment_detail_scrd_focus_em/news_trade_notify_dividend_baidu and CNINFO-related tools) and the views runner can also call arbitrary remote view APIs (FINSKILLS_VIEW_API_URL) — these are untrusted/public sources whose content is parsed and used to drive decisions such as assess_business_cycle, so they could enable indirect prompt injection.