collect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's collectors clearly fetch and parse open/public third‑party content (e.g., fxb.mjs calling scys.com, gh-trending.mjs scraping https://github.com/trending, rss-*.mjs and news/trends/xhs collectors using external RSS and NewsNow APIs) and the workflow explicitly instructs subagents to read the saved JSON files ($SAVE_DIR/{source}.json) and the synthesizer to consume those reports to drive actions, so untrusted user-generated content can directly influence agent decisions.