hhxg-market

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and ingests JSON from the public site https://hhxg.top/static/data (see BASE_URL in scripts/_common.py and the SKILL.md/openapi.yaml instructions) and the agent is explicitly instructed to read fields like ai_summary, comparison, signals_count and news and use them to form conclusions and follow-up actions, so untrusted third‑party content can directly influence the agent's outputs and behavior.