zhihe-legal-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow (scripts/research.sh and scripts/monitor.sh) calls the external API at https://fc-openresearch-qzquocekez.cn-shanghai.fcapp.run to fetch task status, text_result and report URLs and then automatically downloads/parses those results (including report.docx) which the agent ingests and uses to decide actions (archive, notify, present analysis), therefore exposing it to untrusted third‑party content.