requirement-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Stage 3 "外部资源研究" explicitly calls for 网页搜索 (exa MCP → WebSearch) and context7 via "WebSearch + Grep + Read", meaning the agent will fetch and read public web and third-party documentation (potentially user-generated/untrusted) as part of its workflow.