bilibili-sentiment-dashboard
Warn
Audited by Snyk on Apr 30, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md, "when the user gives a Bilibili link", and scripts/run.py, which calls the /api/comment-analysis/parse-link and /api/comment-analysis/tasks endpoints) clearly causes the system to fetch and analyze user-generated Bilibili comments, which are public third-party content. The returned comments and insights are then read and used to produce operational advice, so untrusted external content can influence agent actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata