shareholder-risk-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow and references (references/data-queries.md and references/methodology.md) explicitly instruct running ../findata-toolkit-cn scripts to fetch public third‑party data sources (e.g., 东方财富, AKShare, 交易所公告, 天眼查) which the agent ingests and uses to drive analysis and decisions, exposing it to untrusted external content.