wechat-tech-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill explicitly uses WebSearch and WebFetch to retrieve and scrape public third‑party sources (e.g., 官方文档, 掘金/CSDN/Medium posts, GitHub README) and then reads and rewrites that content as part of its workflow, exposing the agent to untrusted user-generated material.