NYC

huashu-design

Warn

Audited by Snyk on Feb 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to "search for and reference external links, or download them locally and then reference the local path in the finished product" and to "reference open-source images — direct links from free stock libraries such as Unsplash / Pexels" (under "Image options") and to generate HTML demos that may embed those external resources (Phase 3 demo generation), so it will fetch and incorporate open/public third‑party content into its runtime workflow.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:00 AM