arkts-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md Workflow step 4 explicitly instructs to "refresh them via bash scripts/fetch_huawei_migration_refs.sh", which indicates the agent will fetch and then read third‑party Huawei/public migration reference documents that can influence its recommendations and tool use, creating a clear vector for indirect prompt injection.