financial-health

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and rules explicitly require pulling and interpreting latest annual/interim/quarterly reports and tying every ratio to public filings (e.g., the Source Priority table in references/idc-balance-sheet-stress-guide.md pointing to https://www.cninfo.com.cn/new/index), so the agent will fetch and act on untrusted public web content that can influence its analyses and actions.