rssidian: why it is not safe to use
RSSidian passed at 85/100 with two notes: feed text enters the LLM prompt, and article content is sent to OpenRouter for summarization.
What we found
RSSidian passed our review with a score of 85/100. Two items are worth flagging, and both are inherent to how any AI summarizer works rather than signs of wrongdoing by the tool.
First, article text from your feeds is inserted into the summarization prompt through a configurable `{content}` template. A hostile feed could try to embed instructions that steer the model. This is a general risk for anything that summarizes untrusted text, not an attack by RSSidian itself.
Second, article content is sent to the OpenRouter API for summarization and scoring. This is disclosed and expected behavior, but it does mean your feed content leaves your machine and reaches a third party.
Everything else was clean: no hardcoded secrets, no destructive commands, no obfuscated logic, no unexpected network destinations, and no attempts to read unrelated credentials.
What to do instead
Run RSSidian with feeds you trust, and read its prompt template before customizing it. If any of your feeds carry sensitive or private material, point it at a local model endpoint rather than OpenRouter so that content stays on your device.
Source: https://github.com/pedramamini/RSSidian
We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.