a-stock-analysis-lite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's mandatory data-collection workflow (SKILL.md Step 1 referencing references/data-sources.md) instructs the agent to fetch and parse live public finance pages (e.g., https://quote.eastmoney.com/{交易所代码}{股票代码}.html, Sina/Tencent/同花顺 URLs) and use those scraped values as authoritative inputs for pricing, financials, triggers and scenario decisions, so untrusted third‑party content can directly influence agent behavior.