alphaear-news

Warn

Audited by Snyk on May 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill fetches and aggregates public, user-generated news and social content (e.g., sources listed in references/sources.md such as weibo, zhihu, hackernews) via scripts/news_tools.py, which calls https://newsnow.busiyi.world. It then extracts full page text from arbitrary URLs using scripts/content_extractor.py, which proxies through Jina Reader (https://r.jina.ai/). That untrusted content is parsed, used to generate reports, and saved or acted on, exposing the agent to potential indirect prompt injection.

Issues (1)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 7, 2026, 05:57 PM
Issues: 1