financial-analysis-stock-screening

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's runtime scripts (scripts/get_fundamentals.py and scripts/get_quote.py) explicitly fetch live data from public sites (SEC EDGAR at data.sec.gov and Yahoo Finance) and SKILL.md requires using web search to build the universe and the script output to compute scores, so untrusted third-party web content is ingested and directly drives filtering, scoring, and ranking.