longbridge-catalyst-radar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses "Web Search（兜底）" as a fallback in SKILL.md and references/longbridge-api-map.md (and mentions fetching 做空报告, 传闻、社区/新闻内容 and SocialMCPServiceGetTickerNewsArticles) so it fetches and ingests open/public third‑party/user‑generated web content which the agent reads and uses to generate signals and drive actions.