media-analyze

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (Step 1 and Step 2 in SKILL.md) explicitly fetches and parses content from public third‑party sources — e.g., the Tavily API and scraping/searching sites like so.toutiao.com, wx.sogou.com, m.weibo.cn, and cn.bing.com — and then reads and integrates that untrusted, user-generated web content into reports, so those pages could inject instructions that materially influence agent behavior.