wemp-operator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and scrapes open/public third‑party sites (see scripts/content/fetch_news.py and scripts/content/collect-news.mjs / smart-collect.mjs which pull from HackerNews, Weibo, Zhihu, V2EX, GitHub, etc.), then uses those collected items as inputs to AI-driven generation and publishing workflows (see scripts/content/generate.mjs and publish.mjs), so untrusted user-generated web content can materially influence subsequent AI prompts and actions.