daily-news

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) and method files (references/methods/webfetch-smart.md, references/methods/browser-smart.md and the rss.py script) explicitly fetch and ingest content from public websites and social feeds (including X/Twitter via Browser MCP) and then parse/summary that untrusted user-generated content to make relevance scores and drive report generation, so third‑party pages can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill configures Browser MCP to run the npm package via "npx @browsermcp/mcp@latest" (added to ~/.claude.json) which will fetch and execute remote code at runtime when browser-smart methods are used, so this is a runtime external dependency that executes remote code.