rss-aggregator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's scripts/aggregate.py uses feedparser.parse to fetch and parse RSS feeds listed in references/feeds.opml, meaning it ingests and summarizes arbitrary public third-party feed content (websites/blogs) that the agent reads and displays, exposing it to indirect prompt injection.