stock-market-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted third‑party web content — e.g., scripts/ddg_search.py (DuckDuckGo news results), scripts/uw.py (Playwright scraping of unusualwhales.com), and yfinance calls in scripts/yf.py (Yahoo Finance) — and parses/summarizes that data as part of its reporting and option workflows, so external page content can materially influence analysis and next actions.