blog-feed-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill clearly fetches and ingests arbitrary public blog content (RSS/Atom feeds and HTML pages) via scripts/scrape_blogs.py—e.g., discover_feed_url, scrape_rss, and scrape_apify call requests.get and an Apify actor to read external blog URLs—so untrusted third-party content is parsed and returned as part of the workflow.