guest-blogger

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to discover and read arbitrary public websites using Google/site: searches and to "research target websites" (e.g., "阅读 5-10 篇最近文章") and to check traffic via SimilarWeb, which requires ingesting untrusted, user-generated third-party web content that the agent would read and interpret as part of its workflow.