maishou

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts/main.py makes requests to external public APIs (e.g., https://msapi.maishou88.com/api/v1/share/searchList and https://appapi.maishou88.com/api/v3/goods/detail) and directly ingests/display product titles, shop names, details and links from those third‑party sources, which are untrusted external content that could contain injected instructions.