cnki-export

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and scripts explicitly run injected browser scripts against CNKI pages and POST to https://kns.cnki.net/dm8/API/GetExport (steps 1A/1B) and then parse that page/API output to build Zotero items and download PDFs, so it ingests and acts on untrusted public web content from CNKI which could carry malicious instructions or manipulated fields that influence tool actions.