icon-retrieval

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md workflow explicitly calls the public API https://lab.weavefox.cn/api/v1/infographic/icon to obtain icon URLs and then instructs using curl to fetch the returned SVGs (Retrieve SVG Content / Workflow steps), meaning the agent will fetch and consume arbitrary third‑party web content as part of its run, which could enable indirect prompt injection.