rq-earnings-preview

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests open web content via the documented web_search flow (writing/consuming web_search_findings.json as described in SKILL.md and references/web_search.md) and also fetches announcement PDFs from external announcement_link URLs in scripts/extract_announcements.py, and those external findings are validated and directly used to build the report (earnings_event_context, announcement_section, trading_setup, risk), so untrusted third‑party content could materially influence behavior.