github-auto-star

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Flagged because SKILL.md explicitly instructs the agent to "使用 WebFetch 获取文章内容" and to monitor public RSS/blog URLs and screenshots (定时任务配置: RSS feed URL / 要监控的博客 URL), so untrusted public web content and user-generated pages are fetched and interpreted to decide which GitHub repos to star.