market-alpha-orchestrator
Warn
Audited by Snyk on May 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests public web/news content as part of its required data-fetch sequence (SKILL.md: "原生 web/fetch 补最新信息", roughly "use native web/fetch to fill in the latest information", and the Data Freshness/Timeliness playbook), and the data-layer code (scripts/market-alpha-data-layer.py) and routing config call external web-search/MCP fallbacks (e.g., zhipu-web-search-sse, brave-search-dev, tavily-mcp-local) and accept URLs/events. Untrusted third-party pages and social/news sources are therefore fetched and directly influence agent decisions and tool routing.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata