feed-diet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches public, user-generated content (Hacker News via scripts/hn-fetch.sh and arbitrary RSS/Atom feeds from user-supplied OPML via scripts/opml-parse.sh), then pipes those titles/URLs into scripts/classify.sh (LLM or rule-based) and the report/digest generators, meaning untrusted third-party content is ingested and can materially influence classification, recommendations, and downstream agent behavior.