watchers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). Outsider free text is fetched at runtime from user-supplied external URLs (RSS/Atom/JSON endpoints) and then rendered into Markdown and written to stdout (e.g., watch_rss.py parses <description>/<summary> and watch_http_json.py includes --body-field), which the agent can ingest for LLM context.