a-share-stock-picker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly scrapes and ingests public third‑party content (e.g., Tonghuashun/10jqka endpoints and pages, Eastmoney, Sina) via scripts like scripts/fetch_quotes.py, scripts/fetch_ths_context.py and scripts/ths_context.py and then uses that untrusted news/article/context data to build evidence and drive scoring/trading actions, so external page content can materially influence the agent's decisions.