@554/news-aggregator-skill

Warn

Audited by Snyk on Mar 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill directly fetches and scrapes open/public third‑party sources (e.g., Hacker News, Weibo, GitHub Trending, various RSS feeds) as implemented in scripts/fetch_news.py (fetch_hackernews, fetch_weibo, fetch_github, fetch_rss_feed) and fetches full article text via enrich_items_with_content / fetch_url_content, and SKILL.md plus instructions/briefing_general.md explicitly require the agent to read and use the JSON 'content' field for deep analysis and report generation—meaning untrusted, user-generated web content is ingested and can materially influence the agent's outputs and actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 03:10 AM
Issues
1
Security Audit — snyk — @554/news-aggregator-skill