alicloud-ai-misc-crawl-and-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md step 1) explicitly crawls the public page https://help.aliyun.com/zh/model-studio/models and the provided scripts (refresh_models_summary.py and refresh_alicloud_skills.py) parse and act on that crawled content to generate/update skills, so third‑party web content can directly influence tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The workflow runs "npx -y @just-every/crawl "https://help.aliyun.com/zh/model-studio/models\"" at runtime which executes remote npm package code and relies on the fetched page (https://help.aliyun.com/zh/model-studio/models) as a required input for skill generation, meaning remote code is run during execution and external content influences generated skills.