toutiao-publisher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill launches a persistent browser and navigates to public Toutiao pages (LOGIN_URL / PUBLISH_URL / HOME_URL at mp.toutiao.com), reads the page URL and DOM/text (page.url, page.get_by_text, page.evaluate, selector checks) as part of its workflow, which exposes it to untrusted, user-generated third‑party content.