diff --git a/backend/src/db/sources.rs b/backend/src/db/sources.rs
index aab1fbf..d04bae8 100644
--- a/backend/src/db/sources.rs
+++ b/backend/src/db/sources.rs
@@ -176,18 +176,21 @@ pub async fn update_preferred(
 ///
 /// Called during synthesis generation when a feed is discovered or re-verified.
 /// Pass `rss_url = None` to clear a previously cached feed (e.g., feed no longer exists).
+/// Only updates the source if it belongs to the given user (ownership check).
 pub async fn update_source_rss(
 pool: &PgPool,
 source_id: Uuid,
+ user_id: Uuid,
 rss_url: Option<&str>,
 rss_discovered_at: Option>,
 ) -> Result<(), AppError> {
 sqlx::query(
- "UPDATE sources SET rss_url = $1, rss_discovered_at = $2 WHERE id = $3",
+ "UPDATE sources SET rss_url = $1, rss_discovered_at = $2 WHERE id = $3 AND user_id = $4",
 )
 .bind(rss_url)
 .bind(rss_discovered_at)
 .bind(source_id)
+ .bind(user_id)
 .execute(pool)
 .await?;

diff --git a/backend/src/services/synthesis/mod.rs b/backend/src/services/synthesis/mod.rs
index f4ac128..5cdc8ec 100644
--- a/backend/src/services/synthesis/mod.rs
+++ b/backend/src/services/synthesis/mod.rs
@@ -282,6 +282,7 @@ pub async fn run_generation_inner(
 db::sources::update_source_rss(
 &state.pool,
 source_id,
+ user_id,
 new_rss_url.as_deref(),
 new_discovered_at,
 ).await.ok();
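Review bot: An ownership mismatch is now silent in `update_source_rss`: the new `AND user_id = $4` filter makes the UPDATE match zero rows, and the value of `.execute(pool).await?` is discarded, so as far as this hunk shows a rejected write looks the same as a successful one. Keep the result and check it, for example `let res = sqlx::query(/* same SQL and binds */).execute(pool).await?;` followed by `if res.rows_affected() == 0 { /* return the project's not-found error, or log source_id and user_id */ }`. The added doc line should also state the mismatch behaviour, e.g. `/// No row is updated when the source is not owned by user_id.` The function body continues past the end of the hunk, so its final return value is not visible here.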
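Review bot: The call in `run_generation_inner` still ends in `.await.ok()`, which drops the Result, so a database error on this now ownership-scoped write leaves no trace. A failed or rejected write on this path is a useful signal when investigating cross-user access, so consider replacing `.ok()` with `if let Err(e) = /* same call */.await { /* log e with source_id and user_id */ }`, using whatever logger this module already has. It is also worth confirming that `user_id` is the owner of the generation run taken from server-side state and not a request-supplied value. Its origin is outside the hunk, as is the rest of the function.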