project-learner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the SKILL.md "交互式教学" section explicitly instructs the agent to "必要时，查询互联网做 Grounding", i.e. fetch/consult the open internet as part of its workflow, which exposes it to untrusted third‑party web content that could influence its actions.