zhangxuefeng-advisor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires "联网核实" and a Search Protocol that instructs the agent to fetch and use open/public third‑party sources (e.g., 省教育考试院 / 阳光高考 / 学校本科招生网 and "高考类聚合站") as part of its workflow (see SKILL.md "凡涉及...必须联网核实" and references/search-protocol.md), meaning the agent will read and act on external web content that can materially influence decisions.