tech-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required "第三步：准备参考文档" workflow (see 3.3 收集 / 整理文档) explicitly instructs collecting reference materials via Context7 MCP / WebFetch / WebSearch (i.e., public web sources) and requires those documents to be placed into workplace/1.X/references/ and read by the agent before design, meaning the agent will fetch and interpret untrusted third‑party web content that can materially influence its design decisions.