@554/news-aggregator-skill
Warn
Audited by Snyk on Mar 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill directly fetches and scrapes open/public third‑party sources (e.g., Hacker News, Weibo, GitHub Trending, various RSS feeds) as implemented in scripts/fetch_news.py (fetch_hackernews, fetch_weibo, fetch_github, fetch_rss_feed) and fetches full article text via enrich_items_with_content / fetch_url_content, and SKILL.md plus instructions/briefing_general.md explicitly require the agent to read and use the JSON 'content' field for deep analysis and report generation—meaning untrusted, user-generated web content is ingested and can materially influence the agent's outputs and actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata