iFinD-Finance-Data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and the call-node.js / call.py code clearly show it fetches news, notices, search results and other data from the external iFinD MCP servers (e.g., the news/notice endpoints at https://api-mcp.51ifind.com:8643/... listed in SERVERS), and those returned untrusted public news/announcement/search contents are intended to be read and used by the agent (e.g., "search_news", "search_notice", "search_edb" → subsequent queries), so third-party content can materially influence the agent's decisions and follow-up actions.