multi-agent-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's templates and examples (e.g., the "数据收集型" template and Example1/Example2 in references/examples.md and agent-templates.md) explicitly instruct subagents to fetch and ingest content from open web sources such as search engine results, technical blogs, open-source docs, web crawling and arbitrary APIs (e.g., "搜索引擎搜索相关文章", "从网络爬取资料", example URLs), and the agent is expected to read/interpret those results as part of the workflow, exposing it to untrusted third-party content.