xhs-writer-factory
Warn
Audited by Snyk on Apr 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires an active "热点检索模块" (hot-topic retrieval module) that fetches public third-party sources (e.g., 财联社电报, 东方财富快讯, 同花顺热帖) as part of the required Skill backbone (Step 3.1). The retrieved public news and hot-post content is read and used to drive topic selection and generation, which allows untrusted or user-generated content to influence actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).