human-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs in the "使用建议" section to "结合联网搜索 — 先搜索最新数据和案例，再用自然风格生成", which requires fetching and incorporating content from the open web (untrusted public sources) into the generation workflow and thus exposes the agent to potential indirect prompt injection.