share-repurchase-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md and references/data-queries.md) instructs the agent to run the ../findata-toolkit-cn views_runner to fetch data from public third-party sources (e.g., 东方财富网 via stock_repurchase_em and 巨潮资讯/cninfo via stock_share_change_cninfo), which the agent must read and use to generate signals and next actions, exposing it to untrusted third‑party content that can materially influence decisions.