linpingzhi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes runtime code that fetches and ingests arbitrary external URLs (e.g., fetchData(url) using http.createHttp().request(...) in the "网络请求" example and network Image('https://example.com/image.png') in references/api_examples.md), meaning the agent could read/ render untrusted third-party content and thus be exposed to indirect prompt injection.