biweekly-collector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses untrusted, user-generated public content as part of its workflow—e.g., Pinboard via https://api.pinboard.in, Douban feeds (direct or via https://rsshub.app), and the Telegram RSS at https://tg.niracler.com/rss.xml—then reads, filters, groups, and uses those items to decide what to include in the biweekly draft, so third‑party content could indirectly inject instructions that influence agent behavior.