media-auto-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill autonomously navigates to public platform URLs (see PlatformNavigator.PLATFORMS home_url/publish_url like https://zhuanlan.zhihu.com/ and others) and parses page snapshots (e.g., media_publisher.detect_popup_in_snapshot and PlatformNavigator/PopupCloseHandler snapshot parsing) to detect popups and login indicators, so it ingests untrusted, user-visible web content that can drive clicks and navigation decisions.