ai-news-zh

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — the skill's SKILL.md and sources.md explicitly require using web_fetch/browser to scrape public sites and RSS feeds (e.g., The Verge, Wired, TechCrunch, Anthropic, MIT Tech Review) and instruct the agent to extract, translate, and act on that content as part of its collection and push workflow, which exposes it to untrusted third‑party content that could contain indirect prompt injections.