suitability-report-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs running shared scripts in references/data-queries.md (../findata-toolkit-cn/scripts/views_runner.py) to fetch real-time market data from public sources (e.g., 东方财富 tool views and optional XUEQIU token), meaning the agent ingests untrusted third-party web content that can materially influence its analysis and actions.