rss-aggregator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts/aggregate.py reads feed URLs from references/feeds.opml and fetches/parses public RSS feeds (external blogs and Substacks) and ingests their entry summaries as part of its required workflow, exposing the agent to untrusted third-party content that could contain instructions influencing outputs.